Re: Adding a 3rd NIC to an SBS2003 Premium server.

ISA to ISA firewalls work very well, IMHO. That's what I'd do, personally.

--
Charlie.
http://msmvps.com/xperts64
http://mvp.support.microsoft.com/profile/charlie.russel


"Jerry" <Jerry@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:338784AE-D1E0-4D4D-B885-17FD0FE1AAA4@xxxxxxxxxxxxxxxx
Thank you all for your posts.

I currently run our SBS server with two NIC's behind a perimeter hardware
firewall. All three locations are currently linked with vpn tunnels between
the firewall routers. But, those vpn tunnels terminate outside of the SBS
firewall on the server, thus requiring the remote clients to use the
connection to small bus server to access recourses on the server. My goal in
adding the 3rd NIC would be to establish those vpn tunnels behind the SBS
firewall to allow access to those recourses on the server without the use the
client vpn connection. I would also want to remove the perimeter router at
our main office and use ISA 2004 instead. Any thoughts our comments would be
appreciated.
--
Jerry


"Lanwench [MVP - Exchange]" wrote:

Jerry <Jerry@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
> I manage a SBS 2003 server currently using two network cards. I would
> like to add a 3rd NIC to the server. The reason for this would be to
> setup a routed link between our main office and two remote offices
> utilizing some existing routers with VPN Tunneling capabilities. Thus
> allowing clients to access the internal network through a point to
> point VPN connection from behind the firewall, rather then the
> individual client vpn connections they are using now.
>
> Can anyone tell me what might be potential draw backs to doing this,
> and what to expect when I add the 3rd NIC.?

Two NICs is quite bad enough; I think you're better off with one and a good
firewall.

If your VPN tunnel is set up between compatible hardware endpoints (I like
Sonicwalls for this; IPSEC VPN) your server need not know anything about it.
Keep things simple....it'll work better.




.

Relevant Pages

  • Re: SBS VPN setup?
    ... And if you have a hardware firewall you haven't flashed in years they just got in through a exploit. ... SBS plugs into a switch with the other computers and the switch is plugged into a firewall appliance with 2-nics. ... To compare apples to apples, let us assume there is a network setup as I outlined above...and the firewall appliance is an ISA server, such as those available from Celestix. ... > learn and test the RWW solution before deploying it. ...
    (microsoft.public.windows.server.sbs)
  • Re: SBS VPN setup?
    ... The 2-nic configuration is used when the SBS server will *also* act as your network's firewall. ... You purchase 2k3 PREMIUM and that comes with ISA to handle the firewall duties. ... To compare apples to apples, let us assume there is a network setup as I outlined above...and the firewall appliance is an ISA server, such as those available from Celestix. ...
    (microsoft.public.windows.server.sbs)
  • Re: Internet on nodes
    ... disabled state (someone please confirm this for SBS Standard, ... firewall service should result in 'ISA lockdown'. ... print' from both the server and a WS. ... Was not able to connect to the internet on the WS. ...
    (microsoft.public.windows.server.sbs)
  • Re: ceicw failure on e-mail config
    ... Merv Porter [SBS MVP] ... Ethernet adapter Server Local Area Connection: ... Call to Reading the firewall selection returned ok. ... Firewall Rule: SBS DHCP Client ...
    (microsoft.public.windows.server.sbs)
  • Re: Firewall on a single NIC SBS2003 Standard edition
    ... Frank McCallister SBS MVP ... > " Well, if you're wanting to run the firewall on a single NIC, you aren't ... Don't ask the server to do *everything*, ... > internet traffic from the workstations don't have to go through the SBS. ...
    (microsoft.public.windows.server.sbs)