Icon explained    
Articles marked with this logo are 'subscriber' only articles. Click here to become a subscriber
Small Business Server articles and howto's    

Current Articles | Search

Two Nics, a dynamic IP address, ISA and a router
By Mariette Knap :: 7 Comments :: :: ISA Server 2000, Network configuration, ISA Server 2004, SBS 2003, SBS 2000, Public articles
TERMS
This document and what comes with it are provided as-is with blunt warning: Use at your own risk, buyer beware. You break your system; you own the resolution as well. We have no liability for what you do, or can't do, or fail to do with this information. Your entire protection is to start over again with a protected backup, or from protected system. If you don't want to accept this idea, please don't use this document.


Courtesy Susan Bradley/Merv Porter

Please note the recommended DNS setup is noted in this KB article: Frequently asked questions about Windows 2000 DNS and Windows Server 2003 DNS

Additional Setup

a. Right click My Network Places...Properties. Right click on Internal NIC. Under the General tab, you should have the following checked:

  • Microsoft Client for Networks
  • QoS Packet Scheduler
  • File and Printer Sharing
  • Internal Protocol (TCP/IP)

b. Right click My Network Places...Properties. Right click on External NIC. Under the General tab, you should have the following checked:

Internal Protocol (TCP/IP) - nothing else

c. Right click My Network Places...Properties. Highlight the Internal NIC. Then select Advanced...Advanced Settings from the top menu for that window. This will check the bindings.

  • The Internal NIC should be displayed first followed by the External NIC. If not, move the Internal NIC to the top of the list.
  • The Internal NIC should have File and Printer Sharing bound (check marked) to the TCP/IP Protocol.
  • The Internal NIC should have Client for Microsoft Networks bound (check marked) to the TCP/IP Protocol.
  • The External NIC should be bound to TCP/IP only (no other protocols or services).

d. DHCP setup. Click on Start...Administrative Tools...DHCP.

  • Address Pool: 192.168.16.0 to 192.168.16.254
  • Scope Options:
  • 003 Router 192.168.16.2
  • 006 DNS Servers 192.168.16.2
  • 015 DNS Domain Name yourcompany.local
  • 044 WINS/NBNS Servers 192.168.16.2
  • 046 WINS/NBT Node Type 0x8

[Please note - in official release notes, this value is usually seen as 0x1 (type B), however 0x8 is recommended for a SBS server.]

e. Internet Connection Wizard (ICW)

  • Start the SBS Admin Console and run the ICW.
  • When prompted: Select Broadband Connection.
  • When prompted: Select External NIC.
  • When prompted: Use the DNS Nameservers from your ISP as DNS Forwarders.
f. Check to make sure the External NIC IP address is not included in the LAT range.

SBS Console | Internet Security and Acceleration Server 2000 | Servers and Arrays | | Network Configuration | Local Address Table (LAT)

Example:

If the external NIC has an IP address of 192.168.1.2 and the Internal NIC has an IP address of 192.168.16.2, then the range in the LAT should be 192.168.16.0 to 192.168.16.255 (which excludes the external NIC).



Please note:  While the suggested IP addressing schema of the SBS 2000 is 192.168.16.x, you can utilitize any private IP address as recommended.  Thus if you have a prior set up of 10.0.0.x, you may use that as well. When attaching Win98, or WinME computers, you may need to use hosts and lmhosts files to assist them in attaching to the network.  Please see click on logon problems for additional detail.

Please review the examples for additional information and guidance.

For additional features that can normally only be done with a static IP address, you may wish to sign up for dynamic DNS services such as www.dns2go.com or www.tzo.com that will provide you with these abilities.  You will need to set your ISA server to allow for communication:

Name :[Insert your own]
enabled
custom
ip protocol: TCP
direction: both
local port: all ports
Remote port: Fixed port
Remote port number: 1227
Comments
By Tony LaRue @ Sunday, July 09, 2006 1:57 PM
This article did work, but should mention how to install DHCP before referencing it in "Administrative tools". Also, when changing from a different topology, it may be necessary to change server IP address, no directions were given for that.

Tony
By Marina Roos @ Sunday, July 09, 2006 6:00 PM
Tony,

Default the DHCP server is already installed on SBS 2000 and 2003. Unfortunately the SBS 2000 doesn't have a Change IP wizard, so it doesn't make sense to mention that here.
By Tony LaRue @ Sunday, July 09, 2006 10:42 PM
My suggestion for revision, after d:

If you do not see DHCP, it may not be installed. Follow the instructions here to install DHCP:

http://support.microsoft.com/kb/323416/

If you have SBS 2003 and need to change your Server IP address at this point, you should run the 'Change Server IP Address' wizard found in the 'Internet and
Email' section of the SBS console.
By Mariette Knap @ Sunday, July 09, 2006 10:48 PM
How to change the server IP address:
http://www.smallbizserver.net/Articles/ArticlesEnglish/tabid/266/ArticleType/ArticleView/ArticleID/72/Default.aspx
By Tony LaRue @ Monday, July 10, 2006 1:25 AM
Well done, Mariette. Now that's what I call a 5-star procedure!

Tony
By Kenny MacLeod @ Friday, August 11, 2006 1:00 PM
This is excellent advice - completely solves my issue.

However I have 1 question. Is there any additional configuration required on the router to forward everything to the external NIC of the ISA?

Also, is it recommended that any firewalls on the router are disabled or not?
By Mariette Knap @ Friday, August 11, 2006 1:08 PM
If your router also has a Firewall you can have a second layour of security. If you want to receive mail you need to configure the firewall/router to allow traffic on port 25 to be forwarded to the external nic in your server.
You must be logged in to post a comment. You can login here
Copyright 2002-2008 Concentrix b.v.    :   Page generated in 0.156251 seconds.   :   Terms Of Use   :   Privacy Statement