Re: Adding a 3rd NIC to an SBS2003 Premium server.

No servers at the other offices to run ISA on, just client pc's
--
Jerry


"Charlie Russel - MVP" wrote:

ISA to ISA firewalls work very well, IMHO. That's what I'd do, personally.

--
Charlie.
http://msmvps.com/xperts64
http://mvp.support.microsoft.com/profile/charlie.russel


"Jerry" <Jerry@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:338784AE-D1E0-4D4D-B885-17FD0FE1AAA4@xxxxxxxxxxxxxxxx
Thank you all for your posts.

I currently run our SBS server with two NIC's behind a perimeter hardware
firewall. All three locations are currently linked with vpn tunnels
between
the firewall routers. But, those vpn tunnels terminate outside of the SBS
firewall on the server, thus requiring the remote clients to use the
connection to small bus server to access recourses on the server. My goal
in
adding the 3rd NIC would be to establish those vpn tunnels behind the SBS
firewall to allow access to those recourses on the server without the use
the
client vpn connection. I would also want to remove the perimeter router at
our main office and use ISA 2004 instead. Any thoughts our comments would
be
appreciated.
--
Jerry


"Lanwench [MVP - Exchange]" wrote:

Jerry <Jerry@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
I manage a SBS 2003 server currently using two network cards. I would
like to add a 3rd NIC to the server. The reason for this would be to
setup a routed link between our main office and two remote offices
utilizing some existing routers with VPN Tunneling capabilities. Thus
allowing clients to access the internal network through a point to
point VPN connection from behind the firewall, rather then the
individual client vpn connections they are using now.

Can anyone tell me what might be potential draw backs to doing this,
and what to expect when I add the 3rd NIC.?

Two NICs is quite bad enough; I think you're better off with one and a
good
firewall.

If your VPN tunnel is set up between compatible hardware endpoints (I
like
Sonicwalls for this; IPSEC VPN) your server need not know anything about
it.
Keep things simple....it'll work better.




.

Relevant Pages

  • RE: OWA page not displayed Outside
    ... Open ISA 2006 management console. ... Expand the server node and highlight 'Monitoring'. ... Click 'Configure Firewall Logging'. ... |> internal client as both the web proxy client and firewall client? ...
    (microsoft.public.windows.server.sbs)
  • Re: Small business thinking about backing up data, having a server and 2-3 users - is SBS200
    ... is networked to the Master with a crossover network cable. ... Master on the Master PC and Client on the Slave pc. ... Since this machine is a server is should handle the requests ok ... Most real firewall appliances have HTTP and SMTP proxy services that allow ...
    (microsoft.public.windows.server.sbs)
  • Re: ISA firewall block outgoing email.
    ... I cannot send/receive email to the POP3 account unless I turn off the firewall in the CEICW. ... (This server is behind a router so I felt the test was safe enough to turn off the firewall). ... As I said, there is no need to add a hole for port 110, If the ISA client is installed on the workstation, Outlook will deliver the email. ...
    (microsoft.public.windows.server.sbs)
  • Re: SBS VPN setup?
    ... And I'm reviewing if I need to do client notifications at that point. ... You purchase 2k3 PREMIUM and that comes with ISA to handle the firewall duties. ... SBS plugs into a switch with the other computers and the switch is plugged into a firewall appliance with 2-nics. ... To compare apples to apples, let us assume there is a network setup as I outlined above...and the firewall appliance is an ISA server, such as those available from Celestix. ...
    (microsoft.public.windows.server.sbs)
  • RE: VBScript: Remote Desktop Disconnected
    ... I have a client with the same exact scenario. ... Rdp via RWW works fine from ... On the SBS 2003 Server open the Server Management console. ... When navigating to the Firewall page, ...
    (microsoft.public.windows.server.sbs)