Re: SBS 2003 2NIC's



wigwam326@xxxxxxxxxxxxxx wrote:

Server

External NIC

IP 192.168.1.2
Subnet 255.255.255.0
Gateway 192.168.1.254
DNS - NOT SURE WHAT TO PUT IN HERE, DO I USE THE ONE PROVIDED BY BT?

IP 192.168.1.1 DHCP enabled
Subnet 255.255.255.0
Gateway - NOT SURE WHAT TO PUT IN HERE IS IT THE EXTERNAL NIC?
DNS 192.168.1.1

No, this is wrong. First, the external and internal NICs need to be on
different subnets. Second, the DNS server for all NICs - both of the
server's, and all of the clients' - needs to be the IP address of the
server's *internal* NIC. Third, don't give fixed IP addresses to any of
the clients - use DHCP (running on the server) to push out settings to
all clients. If you have a *need* to fix the IP address of a client,
use a DHCP reservation on the SBS instead. Finally, don't use
192.168.1.x for - this can cause problems for VPN clients which are
typically on local 192.168.0.x or 192.168.1.x subnets. Use at least
192.168.16.x, 192.168.17.x or higher.

Also, don't be tempted to assign your ISP's DNS servers to any of the
NICs, anywhere on your network - this will give you problems. The ISP's
DNS servers are used as forwarding servers by the SBS's own DNS server
- you tell the SBS what these are using the CEICW.

Most of this can be configured by using the CEICW (Configure Email and
Internet Connection Wizard) on the server. Do *not* try to do things
like this manually - ALWAYS, ALWAYS, ALWAYS USE THE WIZARDS. First, I'd
configure the router on the 192.168.17.1, say. Turn off its DHCP server
and give the server's external NIC an IP address of 192.168.17.2, say.
Now run and complete the CEICW. Make sure all of your clients are set
to use DHCP (and renew their addresses, or reboot them). Done.

Lastly, a word about your router. I'm not sure of the real firewall
capabilities of your router, but at first glance it will probably do.
There are those here who will tell you you have to spend a small
fortune on a "real" firewall, arguing that it's a small price to pay to
protect your company's data. The argument is somewhat flawed, though.
You protect your company's data by putting in place a proper disaster
recovery plan, a part of which is a strong backup and restore procedure
which you verify works properly. Judicious use of RAID and other
redundant hardware is another part. Your exposure then is not the cost
of the data, but the costs of implementing the disaster recovery plan,
should it ever be needed. That will better enable you to trade off
expenditure against budget.

--
Regards,
Steve.
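
A check of the addressing rules in the reply above, as an added example that is not part of the original post: it audits a two-NIC plan for shared subnets, DNS entries that are not the server's internal NIC, ranges that clash with typical VPN client LANs, and gateways outside the NIC's subnet. The ISP resolver 203.0.113.53 and the internal address 192.168.16.2 are constructed values, and applying the 192.168.0.x/192.168.1.x warning to both NICs is an assumption.

```python
import ipaddress

# Ranges the reply warns about: home LANs of VPN clients typically use these.
VPN_CLASH = [ipaddress.ip_network("192.168.0.0/24"),
             ipaddress.ip_network("192.168.1.0/24")]

def check_plan(plan):
    """Return a list of findings for a two-NIC server addressing plan."""
    nets = {name: ipaddress.ip_interface(f"{nic['ip']}/{nic['mask']}")
            for name, nic in plan.items()}
    internal_ip = nets["internal"].ip
    findings = []

    # Rule 1: external and internal NICs must be on different subnets.
    if nets["external"].network.overlaps(nets["internal"].network):
        findings.append("external and internal NICs share a subnet")

    for name, nic in plan.items():
        net = nets[name].network
        # Rule 2: every DNS entry must be the server's internal NIC address.
        for dns in nic.get("dns", []):
            if ipaddress.ip_address(dns) != internal_ip:
                findings.append(f"{name}: DNS {dns} is not the internal NIC")
        # Rule 3 (assumed to apply to both NICs): avoid common VPN client ranges.
        if any(net.overlaps(clash) for clash in VPN_CLASH):
            findings.append(f"{name}: {net} clashes with typical VPN client LANs")
        # Sanity check: a gateway must be reachable on the NIC's own subnet.
        gw = nic.get("gateway")
        if gw and ipaddress.ip_address(gw) not in net:
            findings.append(f"{name}: gateway {gw} is outside {net}")
    return findings

# The plan from the question, with a constructed ISP resolver on the external NIC.
ASKED = {
    "external": {"ip": "192.168.1.2", "mask": "255.255.255.0",
                 "gateway": "192.168.1.254", "dns": ["203.0.113.53"]},
    "internal": {"ip": "192.168.1.1", "mask": "255.255.255.0",
                 "dns": ["192.168.1.1"]},
}
# The layout the reply suggests; the internal 192.168.16.2 address is assumed.
SUGGESTED = {
    "external": {"ip": "192.168.17.2", "mask": "255.255.255.0",
                 "gateway": "192.168.17.1", "dns": ["192.168.16.2"]},
    "internal": {"ip": "192.168.16.2", "mask": "255.255.255.0",
                 "dns": ["192.168.16.2"]},
}

if __name__ == "__main__":
    for label, plan in (("asked", ASKED), ("suggested", SUGGESTED)):
        print(label, check_plan(plan) or "no findings")
```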