Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Challenging Complex Home setup question

Status
Not open for further replies.
marcoryan

marcoryan

IS-IT--Management
May 1, 2003
10
GB
Relative Newbie to Win2k server that is getting confused over optimal configuration of Static vs Dynamic IP, DNS and DHCP

The Aim: Set up a simple home Lan of win2k server with 3 XP Pro clients, and 4 remote users. I am about to get a Draytek Vigor 2600 Router and ADSL connection. I will need the reomte clients to access an application (resident on the server)via a VPN.

The Complication
1. I am confused as to whether I need Static or Dynamic IP. I think I need Static because of the VPN requirement.

2. If the Router is configured with the STatic IP address, providing this router has NATS i am assuming I can use Private IP adresses on the network. If so I would like these to be DYnamically served so that the remote users don't have any issuess connecting. Is this possible/correct.

3. How do I set up the server since the servername must conform to a name such as mycompany.com. I don't want to register a URL, just to have a private network running an application server that utilises the Web for VPN.

4. Finally I have read that the DHCP server would need the static IP address. DO I then not load DHCP on the win2k server but use the capabilities of the ADSL firewall/router to do this? (The router claims to have NATS, DHCP and DNS). I am confused as to where and how the DNS, DHCP needs to be configured

The solution?
Over to you guys! Any help gratefully received
 
Sort by date Sort by votes
Will you be useing the router or w2k server for the VPN?

Question 1: Static for the VPN users or your network? Since you will be using an IP based VPN you should be able to assign an address pool in the router for the VPN users. So no static is necessary for them. I'm not familiar with this router so I do not know how to set this up for a VPN or if it has LAN ports. I would look up any info on this before I purchased it. The server will be static and all clients set for DHCP.

Question 2: Anything after the adsl modem is yours and can be configured for a private network.

Question 3: Do not worry about registering a URL. Your ADSL modem will be given a public IP address that will change roughly every 3 months unless you request it. The VPN will utilize this IP address. So name your server whatever you want.

Question 4: It is always good practice to give servers an static IP address and everything else DHCP (less admin overhead) I would try out the DHCP, DNS server on the router and see if it works. If its up to par, easly managed etc.. If not go ahead and install this on your server. When you go to admin tools there is an option to configure your server. You can find links on how to set this up correctly at MS support site.

Does this application have a web interface? If so after they connect to the router with the vpn client they can simply type in the address of the server in their browser. You will have to configure IIS for this.
The router will have a static IP I would give the server a static private ip address. Everything else DHCP. Unless I misunderstood your network will look like this:

Internet
|
ADSL (public IP)
|
Router (Private Static IP)----Clients (DHCP)
|
Server (Private Static IP)
 
Upvote 0 Downvote
Just looked up some info on the Draytek Vigor 2600 Router. Seems pretty sweet. You should recieve a public IP from your ISP. Still give the server a static IP and everything else DHCP. Test the router first and see if it works before you configure the server for this. Might save a lot of time and less stress on the server.
 
Upvote 0 Downvote
Thanks for such a detailed response.

You have understood the intended schematic almost perfectly. My aim was to use the Draytek as an ADSL MOdem, VPN/FIrewall and router combined. Does this change the need for Static Ip adresses?

My understanding from what you have said is that a static Public IP address is not required even for remote users to connect to the server through the VPN.

The only complication is that these users are on different operating systems win 95, 98, Me and XP. They need to configure the VPN settings once and once only! I had assumed that by having a static IP address at my end (in the VPN/Router/MOdem) this would be achieveable. SInce these users never return to base but are always remote, we do not have the chnace to re-configure. Have I understood this correctly?

You are correct in stating that the applicaiton (a content Management system) requires IIS running.

Many thanks for all your help

 
Upvote 0 Downvote
Your right, the remote users do not need a static ip..just your server. The VPN router will assign them an IP from the VPN IP adddress pool that you set up in the router when they connect. Your ISP will give you a IP address for the router. You should use a private static IP for your server. Your ISP will give you a public IP address which the remote users will use in their VPN Client software to connect to the VPN.
So lets say John Doe (remote user) is using a cisco VPN client dialer on his pc. He puts your public IP (IP of router which ISP gave you) into the dialer with the correct authentification and clicks connect. walla..they are now connected to the VPN. This creates an encrypted tunnel to your network. After they connect with the VPN they will not be able to browse the internet or check email etc.. To access the application all they have to do is open up internet explorer (which will try to find the default home page just click stop) and type in the static IP address of the server (which is why you need static for the server) or if DNS is set up right the name of the server. ex: http:\\192.168.0.1 or http:\\urdomain.com If DNS and DHCP is set up right they can use the http:\\urdomain.com even if the server is set to dhcp but is in good practice to assign it a static.
For the remote users with differetn OS's I would write up an instruction in word and give them step by step instructions on how to set this up. Include pictures or whatever. They can always use this for a reference if they have trouble.
 
Upvote 0 Downvote
quell, does the following look correct?
begin diagram

[internetclient] (dynamic public ip by ISP) and
(vpn dynamic private ip by router}

| (tunnel to router)

{{{internet}}}

|

[ADSL]

| (end tunnel to router)

(dynamic public ip address by ISP)
[ROUTER with NAT and DHCP
assigns private addresses on lan and vpn]
(static private ip, typically 192.168.0.1)

| | (lan connections on router)
| |
| [clients] (dynamic private ip by router)
|
(static private ip)
[server with DNS, WINS, etc, NO DHCP]

end diagram
if you keep the ADSL and ROUTER connected all the time, you should retain a dynamic ip address that should not change, else a static ip from the ISP is prefered.
 
Upvote 0 Downvote
Looks great to me...thanx,seaspray If the router handles the DNS there is no need to install that on the server. You will need WINS installed on the server for the 95,98 users. The dynamic IP assigned to the router from the ISP expires every 3 months pretty sure it varies from ISP to ISP. That is the only potential problem I see. You might be able to sweet talk them into a static IP...don't know never tried it :) Even then the only thing you would have to do is change that IP setting in the VPN Client software. Here is a link for your router. You can dl the user guide etc..
 
Upvote 0 Downvote
Guys

Thanks so much for such detailed advice.I've much to get on with!
 
Upvote 0 Downvote
Actually, you will need DNS on the server. The DNS on the router is going to be used for internet resolution. Install DNS on the server to resolve and dynamically register your clients and create a forward on the server's DNS to the router DNS for internet resolution (remove root "." zone on server DNS to create the forward). Since the router is acting as the DHCP, this means you'll have to statically assign the DNS settings on the clients to point to the server.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

bechna
  • Locked
  • Question
Windows Server and VPN Setup
Replies
1
Views
103
DrB0b
DrB0b
edgar28
  • Locked
  • Question
Question on Network cards - Windows Server 2019
Replies
1
Views
101
DrB0b
DrB0b
DrB0b
  • Locked
  • Question
HyperV Virtual Switch and Physical NIC question
Replies
3
Views
90
DrB0b
DrB0b
DrB0b
  • Locked
  • Question
General Windows Server Datacenter/Standard Licensing Question
Replies
1
Views
66
DrB0b
DrB0b
Krus1972
  • Locked
  • Question
Web.Config URL Rewrite Question
Replies
0
Views
60
Krus1972
Krus1972

Part and Inventory Search

Sponsor

Back
Top