Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

SBS 2003 Setup information needed ASAP

Status
Not open for further replies.
zyn

zyn

IS-IT--Management
Aug 5, 2002
8
AU
To anyone that know's: (would appreciate any help)

I just wanted to double check me settings with those in the know. I have the following setup:


2 x SBS 2003 Servers

both have 2 nics in each server

ServerA
Nic1: 10.0.0.1 (internal)
Nic2: 10.0.0.2 (external)

router: 10.0.0.100
forwarding ports to external interface ie(10.0.0.2)





ServerB
Nic1: 192.168.1.3 (internal)
Nic2: 192.168.1.2 (external)

router: 192.168.1.200
forwarding ports to external interface ie(192.168.1.2)


questions:

1.
In the router, do i forward ports to the internal interface, or the external interface (think it's external, just checking)

2.
If so, does the IP routing enabled option in RRAS route all the packets from the external interface to the internal interface. or should i have to add a static route for that, or both.

I have set this up mostly the same as it comes out of the box, SBS 2003, just want to make sure it's the correct routing setup. My idea of the routing is this, all packets come into server via external nic, then if required, are routed to the internal nic (am i wrong?)this is i guess microsoft's basic security setup for SBS. I thank any in advance for any type of serious reply.

zyn

 
Sort by date Sort by votes
Well, since you don't mention it, I'm assuming you're not using the Premium version/ISA server setup.

Generally, RRAS and the firewall will route packets appropriately in SBS. Use the Configure Email and Internet Connection Wizard (CEICW) located in the Server Management app under Internet and Email. It will step you through the process and as you provide relevant info will configure everything as needed.

I see a problem with your setup though, as for both servers you show both NICs on the same subnet (10.0.0.x or 192.168.1.x). A setup like this basically shunts around the Microsoft firewall as the two NICs can directly communicate.

With a NIC for Internal and one for External, you want to put each NIC in a separate subnet.

Use 192.168.1.x for the Internal LAN and internal clients, and 10.0.0.x for the WAN connections and router. Again CEICW can configure this for you.

As to forwarding ports from your router to the server, yes, use the External NIC address.
 
Upvote 0 Downvote
PS - After further consideration, to avoid possible gotcha's with DHCP and DNS on the servers, you only need to change the IP addressess of the External NICs and the affected router. I didn't want to imply that 192.168.1.x can only be used on the Internal LAN or 10.0.0.x only on the External.

This would mean the servers won't have similar NIC configs; and you may want to implement them with a similar standard config so you don't have to "switch gears" when working on one server vs. another.

Again, CEICW can implement these changes for you.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

bechna
  • Locked
  • Question
Windows Server and VPN Setup
Replies
1
Views
107
DrB0b
DrB0b
DTGMI
  • Locked
  • Question
Win 2003 & IBM X3350 M2 Server (7946AC1)
Replies
1
Views
79
technome
technome
evr72
  • Locked
  • Question
Wundows Server 2003 DNS can resolve names but not ip addresses
Replies
0
Views
57
evr72
evr72
njadmin
  • Locked
  • Question
upgrade 2003 R2 x64 SP2 to 2008 R2 x64
Replies
9
Views
149
njadmin
njadmin
axilleas
  • Locked
  • Question
Windows server 2003 WSUS
Replies
0
Views
62
axilleas
axilleas

Part and Inventory Search

Sponsor

Back
Top