HPE Community
Windows Server 2003
1752687 Members
5463 Online
108789 Solutions
New Discussion юеВ

Re: Windows 2003 SBS and network topology

 
SOLVED
Go to solution
David Moroney
New Member

тАО10-04-2005 11:48 AM

тАО10-04-2005 11:48 AM

Windows 2003 SBS and network topology

I bought a ProLiant ML110 G2 with W2003SBS factory installed. I completed the install using a single network card in a peer-to-peer topology, and everything worked fine. I had a cable modem connected to a wireless router and then to the server and network PCs.
I now want to change to a server topology using my SBS server as firewall etc, and want to know whether I need to reinstall SBS to do this? I have installed the second network card to the modem and am using the router as a wireless access point, but can't seem to get the SBS configuration from within the setup wizard to recognise the internet connection.
If I do need to reinstall SBS, how do I do that without a Smartstart CD? This didn't come with my machine as it was a factory install.
Can anyone help?
0 Kudos
7 REPLIES 7
Steven Clementi
Honored Contributor

тАО10-04-2005 12:43 PM

тАО10-04-2005 12:43 PM

Re: Windows 2003 SBS and network topology

David:

I am not totally familiar with SBS. Do you have the Premium Edition? or Standard Edition?

Either way, you would be able to use RRAS and the built in WIndows firewall to protect your network somewhat, but without the Premium edition, you do not have ISA Server which is a more robust Software Firewall solution than the built in stuff.

Why do you want the server to be the firewall? If your router has a built in hardware firewall, your almost better off using that instead of Windows as a firewall. What type of router do you have?

If it is a simple router, maybe you can replace it with a more robust Wireless Router/Firewall combination? Do you really want the server that does everything on your network to be the FIRST thing people can get to from the outside?

Now, onto the troubleshooting...

Is your cable connection DHCP enabled? If so, then you might have some trouble with configuring the server as I think you need a static address for it to all work properly.
If you have a static IP address form your cable provider, then did you set the network settings with that IP information?

Did you enable the firewall on the "Local Area Connection" that is plugged into the cable modem?


Steven
Steven Clementi
HP Master ASE, Storage, Servers, and Clustering
MCSE (NT 4.0, W2K, W2K3)
VCP (ESX2, Vi3, vSphere4, vSphere5, vSphere 6.x)
RHCE
NPP3 (Nutanix Platform Professional)
0 Kudos
Volker Spies
Trusted Contributor

тАО10-04-2005 06:53 PM

тАО10-04-2005 06:53 PM

Re: Windows 2003 SBS and network topology

Hello David,

what do you mean with "the wizard does not recognize my internet connection". Does the wizeard see your second NIC?

There is no need to reinstall SBS. Plug in the second NIC then start the networking wizard. Select Broadband and the local router option. Then you have to select the NIC to the internet and you are done.
If the wizard didn't see yout NIC then the nic configuration is wrong.
If you have the premium with ISA it works the same way. After the wizeard you can make additional settings in the isa console to fit your network needs.

Regards Volker
0 Kudos
David Moroney
New Member

тАО10-04-2005 07:56 PM

тАО10-04-2005 07:56 PM

Re: Windows 2003 SBS and network topology

Steven/Volker

Thanks for the prompt replies.

To answer your questions:
- I have SBS 2003 standard edition and do not have ISA Server
- router is Netgear MR814 and it has a built-in firewall
- my cable connection is Telstra Bigpond and it is DHCP enabled, i.e. I do not have a static IP address
- the second NIC is properly configured in control panel, but I setup an internet connection in the wizard using the broadband option rather than local router, and it wants to connect via the "WAN miniport" (whatever that is?) - I will need to try the local router option later when I get home (server is on a home network)
- I am wanting a server topology so I can more effectively control internet access on the networked PCs, e.g. block access at certain times.

If SBS's firewall is not robust enough, I might go back to the peer-to-peer arrangement. Your thoughts on this are welcome.

I really appreciate your help - you can probably gather I'm no network guru!

Regards
David
0 Kudos
Volker Spies
Trusted Contributor

тАО10-04-2005 08:13 PM

тАО10-04-2005 08:13 PM

Solution

Re: Windows 2003 SBS and network topology

Hello David,

This should be your configuration.
The IP's are just an example! The point ist that you need to split your network. 1.x and 2.x otherwise to routing can't work.

WAN Network 192.168.1.0
Router IP e.g. 192.168.1.1
1st NIC in SBS 192.168.1.2

Internal Network 192.168.2.0
Internal NIC 192.168.2.1
Network Clients 192.168.2.x (use DHCP on the SBS if you like).

In the network wizard choose local router. With the WAN Miniport you can establish dail up connections directly. But you have a router and the router will do the dailing for you.

As far as I know there is no (sbs)buildin tool to control the internet connections for the clients, you have to install some sort of proxy/firewall to controll the time (etc) of your clients.

I would be with Steven. Use only one NIC in your Server, point the std. gateway to your router. Use DHCP and point your client std. gateway to the router. Use the SBS DNS to resolv ip's (forward the queries to your router, or the ISP's DNS).

Now use the router's firwall to controll access to the internet for your clients.

Regards

Volker
Steven Clementi
Honored Contributor

тАО10-04-2005 11:29 PM

тАО10-04-2005 11:29 PM

Re: Windows 2003 SBS and network topology

The linksys router(s) I mentioned handle access restrictions.

See attached image...


What else do you need it to do? ;o)


Steven
Steven Clementi
HP Master ASE, Storage, Servers, and Clustering
MCSE (NT 4.0, W2K, W2K3)
VCP (ESX2, Vi3, vSphere4, vSphere5, vSphere 6.x)
RHCE
NPP3 (Nutanix Platform Professional)
0 Kudos
David Moroney
New Member

тАО10-05-2005 07:03 PM

тАО10-05-2005 07:03 PM

Re: Windows 2003 SBS and network topology

Steven/Volker

Thanks for your advice - I have decided to go back to a peer-to-peer topology with one NIC.

My router supposedly has time access control, but it doesn't work. I will check if there is a software upgrade I need to install.

Another way of achieving access control may be to use the user login restrictions in SBS2003 and configure the server as DHCP to assign addresses (rather than the router) and then clients will be forced to login to the server to get internet access, rather than going directly to the router as they do now. Will this work?

Regards
David
0 Kudos
Volker Spies
Trusted Contributor

тАО10-05-2005 07:25 PM

тАО10-05-2005 07:25 PM

Re: Windows 2003 SBS and network topology

Hello David,

yes that will work.

But if your clients have configured local users, it is possibel to log on to a client with a local user and then it is possible to surf the web. The (DHCP) ip adress is given to the client befor someone logs onto the client. So if you see the login screen the ip is already assigned.

I think there are 2 ways to get it running.

1. Use a proxy server on the sbs, there are Freeware proxy's with user restriction. Then don't distribute the std. gateway per sbs. Use the group policy to distribute proxy settings to your client's.
Jana proxy is easy to configure and it has restrictions on user/pass or time frame, buildin mailserver etc.
http://www.janaserver.de

2. Upgrade your router that it supports internet access per timeframe. I hope it is possibel to restrict it per MAC or computername, if you use DHCP your clients have no static ip adresses.

Regards,

Volker
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.