Re: SBS 1002 Premium R2 Mangling Port Issues

I agree with Cris. If you have a decent hardware firewall/router now, ISA
probably isn't going to add much (unless you need to track Internet usage by
your users or use some other feature of ISA).

--
Merv Porter [SBS-MVP]
============================

"MF" <MF@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:069A2C37-B8BB-4390-9B5B-B166C93A2F45@xxxxxxxxxxxxxxxx
I ended up going with the dual NIC option as I may be looking at installing
ISA at some point even though that thing can be confusing at times. I
would
love to see any ISA article/link such as the one you posted on the dual &
single NIC setup.

Thanx.

"Merv Porter [SBS-MVP]" wrote:

Glad to hear you've got it working. Just for reference, which scenario
(1
NIC or 2 NICs) did you finally end up with?

--
Merv Porter [SBS-MVP]
============================

"MF" <MF@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:342309B3-0CBB-4EC9-B8AD-D59D6FECEBA6@xxxxxxxxxxxxxxxx
You guys are geniuses, that did it. The ADT remote camera view is
working
now. Everything else was fine besides this, now its all good.

"Merv Porter [SBS-MVP]" wrote:

If you're going to stay with a single NIC scenario, you can either
remove
the WAN NIC so there's only one NIC in the SBS (and then re-run CEICW
to
configure SBS), or you can configure SBS to use both NICs and then
re-run
CEICW. If choose two NICS, the WAN NIC and the LAN side of the router
must
be in the same subnet and this must be different from the subnet of
the
SBS
LAN. Again, look at the diagram here:

Two Nics, a static IP address, ISA, router
(the diagram works with or without ISA installed)
http://www.smallbizserver.net/Articles/tabid/266/articleType/ArticleView/articleId/76/Two-Nics-a-static-IP-address-ISA-router.aspx

--
Merv Porter [SBS-MVP]
============================

"MF" <MF@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:55AFE1BB-96AA-4EE9-9F74-FCCA3A0A3401@xxxxxxxxxxxxxxxx
Thanx for the response, I will give it a shot and let you know the
outcome.
However, I just wanted to know if the subnet of the WAN NIC is the
only
one I
need to change or do I also change that of the router as well to
match
the
WAN NIC subnet?

Thanx.

"Merv Porter [SBS-MVP]" wrote:

From reading your posts, I believe this is what you need to do:
(you have 2 NICs but no ISA installed)

+ Set up the "internal" and "external" NICs on the SBS server in
different
subnets

Two Nics, a static IP address, ISA, router
(the diagram works with or without ISA installed)
http://www.smallbizserver.net/Articles/tabid/266/articleType/ArticleView/articleId/76/Two-Nics-a-static-IP-address-ISA-router.aspx

+ In the Sonicwall, port forward 8016 to the "external" SBS NIC IP
address
+ Re-run CEICW, enable the firewall, select your services and
finish
the
rest of CEICW (make sure it finishes without any errors)
+ Now forward the port 8016 traffic from the external SBS NIC to
the
LAN
device (ADT device):

1) Run rrasmgmt.msc in SBS 2003
2) Extend IP Routing and you should see the NAT/Basic Firewall node
3) Highlight NAT/Basic Firewall and you will see SBS server
external
network interface on right (By default the interface name should be
"Network Connection").
4) Right-click Network Connection interface select Properties
5) Click Services and Ports tab
6) Click Add button
7) Enter the description, select TCP or UDP, input port number in
Incoming
port box, input internal IP (for the ADT device) in Private address
box,
input port number in
Outgoing port box. The incoming and outgoing ports will be the
same
(8016).

Note: You can only input one port number here.

8) Click OK twice

--
Merv Porter [SBS-MVP]
============================

"MF" <MF@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:BA38E9BC-FD32-4F79-A4F2-916560CA76F1@xxxxxxxxxxxxxxxx
Thanx for the help guys. I do want to keep the WAN NIC, however I
would
like
an example of how I can effectively change its current subnet
configuration
appropriately judging from the information I posted before. I
also
feel
the
need to mention that the ADT DVR is on the LAN (not outside the
LAN),
it
has
also always been setup with the router (not SBS) as its default
gateway,
I'm
unsure if this is a problem or if I am better off setting the DVR
default
gateway and DNS network info to the SBS server. Keep in mind that
the
current
DVR configuration has always worked until suddenly not.

I did run the SBSBPA but it did not catch this WAN NIC subnet
mention.
It
only mentioned;

1. The network interface drivers being more than one year old
2. Disabling EDNS since some routers do not support it
3. Disabling Task Offloading to eliminate intermittent network
issues
between SBS and XP computers.....I just disabled this.
4. DNS Zone not allowing secure updates.
5. OWA update for Exchange Server not installed.....I just
installed
this.

A solution is hopefully closer.

Thanx guys.

"Les Connor" wrote:

The BPA would hopefully pick this up, and offer you links to how
to
fix
it.

http://www.sbsbpa.com/

--
Les Connor [SBS-MVP]


____________________________
"SuperGumby [SBS MVP]" <not@xxxxxxxxxxx> wrote in message
news:u3KQtqqNJHA.1172@xxxxxxxxxxxxxxxxxxxxxxx
yes, the system doesn't know how to route trafifc.

"Les Connor" <les.connor@xxxxxxxxxxxx> wrote in message
news:OacEIlqNJHA.1148@xxxxxxxxxxxxxxxxxxxxxxx
You've got both NICs and the router in the same subnet.
Eliminate
the
external NIC, or, change the IP configuration.

--
Les Connor [SBS-MVP]


____________________________
"MF" <MF@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:B739DED0-F305-4604-A821-953AC25C92D3@xxxxxxxxxxxxxxxx
I did a netstat -a on the SBS and there does not seem to be
anything
listening on port 8016. I also have the ipconfig /all below;

Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\Administrator>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : companydc1
Primary Dns Suffix . . . . . . . : company.lan
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : company.lan

PPP adapter RAS Server (Dial In) Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP)
Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.10.63
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled

Ethernet adapter Server Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme
Gigabit
Ethernet
Physical Address. . . . . . . . . : 00-76-9A-F9-B7-50
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.10.4
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.10.4
Primary WINS Server . . . . . . . : 192.168.10.4

Ethernet adapter Internet Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme
Gigabit
Ethernet #2
Physical Address. . . . . . . . . : 00-76-9A-F9-B7-6D
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.10.5
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.10.2
DNS Servers . . . . . . . . . . . : 192.168.10.4
Primary WINS Server . . . . . . . : 192.168.10.4
NetBIOS over Tcpip. . . . . . . . : Disabled

C:\Documents and Settings\Administrator>

Please let me know if there is anything else you need to
know.

Thanx.

"Cliff Galiher" wrote:

Just to be clear, am I to understand you are running SBS2k3
R2
without
ISA
but still with a 2-nic configuration? And you have another
TCP/IP
device
(the DVR) sitting somewhere outside of the LAN but behind
the
sonicwall
as
well?

Can you give me a ipconfig /all for your SBS box as well an
idea
of
how
you
have this wired up (switches, etc)? Sounds like you may
have
a
loopback
somewhere you shouldn't...

-Cliff


"MF" <MF@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:050BC6AC-1577-4EE9-B071-E0EFB066BB6E@xxxxxxxxxxxxxxxx
Hello All,

I have an SBS 2003 Premium R2 (without ISA installed) and
a
SoniWall
Pro
1260 (had a Linksys RV082 before). I am having some port
forwarding
issues
but the current pressing issue is port 8016 for the ADT
remote
camera
watch.
Basically, after troubleshoot with SonicWall support and
did
a
Packet
Trace.
It turns out that the firewall is sending port 8016
traffic
to
the
right
destination which is the ADT camera DVR but the the SBS
server
is
the
one
responding instead and on random ports (sort of like
intercepting
the
response that the ADT DVR is supposed to be sending back
to
the
remote
computer on WAN. On LAN it works fine. The following are
the
packet
trace
details;

#: 1
Time: 10/22/2008 09:39:47.768
Content: TCP received on OPT [ACK] 60 bytes
From: External.IP 64630 (00:03:1b:12:76:12)
To: My.Firewall.IP 8016 (00:06:b6:3c:98:7b)

#: 2
Time: 10/22/2008 09:39:47.768
Content: TCP sent on OPT [ACK] 566 bytes
From: SBS.Server.IP 98765 (00:06:b6:3c:98:7b)


.

Loading