Mariette Knap 
The Netherlands
Member since
3/24/2005
Forum Admins
Posts: 12968
 |
|
Hans Ruck
The Netherlands
Member since
3/28/2005
Platinum Membership
Posts: 50
|
| 5/11/2005 10:56 PM |
|
Hello Mariette,
I still have my SBS2003 configuration as you originally described on the SBS2000 configuration.
Speedtouch home
Vigor 2200 Router (PPTP connected)
2 NIC's
What is your current recommendation ? I'm replacing the old Speedtouch by a Speedtouch 510. Should I stay on the PPTP connection or move to standard NAT ?
Regards,
Hans |
|
|
|
|
|
Mariette Knap
The Netherlands
Member since
3/24/2005
Forum Admins
Posts: 12968
|
| 5/11/2005 11:13 PM |
|
Hi Hans,
Good to see you here again! I would just use the same setup as on the old Speedtouch. I use at the moment a standard Speedtouch 510 configured by the standard KPN procedure. If you configure the Speedtouch 510 for the first time I would connect it to a laptop and do the configuration from there. I have seen sometimes that running the wizards from Speedtouch 510 CD on the server does not work very well. |
|
| Mariëtte Knap Smallbizserver.Net Administrator | Mission accomplished. We have joined the branch office to our SBS 2003 Headquarters and have the same user experience on the branch office as we have on our local network at the Headquarters. Want to know how? Signup up for a subscription and get instant access to the article series 'How to add an additional Domain Controller from a remote office to the SBS domain' |
|
|
|
|
Hans Ruck
The Netherlands
Member since
3/28/2005
Platinum Membership
Posts: 50
|
| 5/12/2005 12:09 AM |
|
Mariette,
Thanks that's what I will do. I had lots of 'challenges' with the consistency of my hard drive. Lot's of unexplainable reboots, corrupt file systems, so there is always some work to do.
best regards,
hans |
|
|
|
|
|
Sandep KT
United Arab Emirates
Member since
6/12/2005
Registered Users
Posts: 1
|
| 6/12/2005 02:11 PM |
|
| I have the following scenario 10.XXX -------INT CARD SBSServer -------192.XXX EXT CARD ---------------192.XX VPNFWALL -------213.XXX EXT FACE OF VPNFW --------------RTR 212 STATIC Now my clients belong to 10.X ---- internal interface of my sbs server i have another small office which has got about 10 clients. I am planning to use an ipsec between the VPN boxes and the clients for the other side cna access the network throguh ipsec box VPN (not through ISA - ISA would be for proxying the filtering traffic now what sought of setup would u recomned ??? will they be able to browse the network with ipsec on these boxes ----- do i need to setup any rules for netbios to travel across the subnet and ipsex thanks in adv.. |
|
|
|
|
|
Paul Munro
United Kingdom
Member since
3/29/2005
Registered Users
Posts: 43
|
| 8/03/2005 02:38 PM |
|
As we have only the standard edition of SBS no ISA is included in the package. Does your reffered article still remain as a valid set up.
Also we do have a functioning system using only one NIC but the server does have two installed, and would like to reconfigure without data loss.
Paul |
|
|
|
|
|
Mariette Knap
The Netherlands
Member since
3/24/2005
Forum Admins
Posts: 12968
|
| 8/03/2005 02:47 PM |
|
Paul, this should work just fine with SBS 2003 standard. Just be sure that you do not change the IP address of the Nic that you currently use and if you activate the second Nic it must be set in a different network. Not the same as the server IP address. Also be sure that you do not connect any workstation to the router that is connected to your second Nic. Those workstations should only be connected to a switch that is connected to your first (server) Nic. After you have set all rerun the CEICW and all should be well. |
|
| Mariëtte Knap Smallbizserver.Net Administrator | Mission accomplished. We have joined the branch office to our SBS 2003 Headquarters and have the same user experience on the branch office as we have on our local network at the Headquarters. Want to know how? Signup up for a subscription and get instant access to the article series 'How to add an additional Domain Controller from a remote office to the SBS domain' |
|
|
|
|
Rene Leussink
Deventer, Netherlands
Member since
6/5/2005
Platinum Membership
Posts: 63
|
| 8/07/2005 03:48 PM |
|
I would like a review for the following network structure (see attched image) The trouble I'm having is that to get to the internal network from the windows 2000 ftp server I've got to add a static route 192.168.211.0 mask 255.255.255.0 192.168.211.61?? I would think that windows 2000 was already smart enough to know that when on one off it's nics it has ip 192.168.211.61 that it had to look for all 192.168.211.x numbers on this nic???
Thanks in advance,
Rene Leussink |
|
ReusSoft - SBS oplossingen van de SBS partner voor het MKB. |
|
|
|
Rene Leussink
Deventer, Netherlands
Member since
6/5/2005
Platinum Membership
Posts: 63
|
| 8/07/2005 03:49 PM |
|
and the other half off the diagram due to a limit off 60 kb for attachements... |
|
ReusSoft - SBS oplossingen van de SBS partner voor het MKB. |
|
|
|
Jerry Hopkins
United States
Member since
4/15/2005
Registered Users
Posts: 3
|
| 8/10/2005 07:32 PM |
|
Hello and thanks in advance for the help. I have upgraded to an SBS 2003 (not yet SP1) network as per the lovely diagram. The router is a Linksys RV082 (with VPN). This is the headquarters.Everything is working fine here. I have 3 showrooms with 1 or 2 PC's each (soon to be a few more). The showrooms have Linksys VPN routers also.All have static IP's. The PC's are a combination of Win98 and WinXP. What I am looking for is help with putting all four locations on one domain. I want to be able to see all PC's in the Network browser. Prior to the SBS upgrade I had an old NT server in HQ and this was working fine. 3 Site-to-site VPN's using only the routers. All clients could login to the domain. I can still make the VPN connections with the routers but the clients can't see anything except the external NIC of the server. I am assuming the issue is with ISA but I am not sure which way to proceed. Can I leave it as is and somehow configure ISA to let these clients through? Should I somehow make the showroom routers make a VPN connection directly with the ISA server? Should I forget the VPN routers and make the clients create a VPN connection on thier own? (would be 6 client VPN's now with a few more soon). What would provide the best performance for the WAN as there is a database application the clients need to access from the server that is a bandwidth hog. Thanks again....I've searched high and low and been stumped.
You are my last hope!
Jerry. |
|
|
|
|
|
Rene Leussink
Deventer, Netherlands
Member since
6/5/2005
Platinum Membership
Posts: 63
|
| 8/21/2005 11:03 AM |
|
Hi Jerry,
Am I right in the assumption that on the old nt4 config you had only one nic in the server?
Then configuration you now got looks like this? |
|
ReusSoft - SBS oplossingen van de SBS partner voor het MKB. |
|
|
|
Rene Leussink
Deventer, Netherlands
Member since
6/5/2005
Platinum Membership
Posts: 63
|
| 8/21/2005 11:13 AM |
|
| When you want to setup the configuration as you described the correct setup would be something like this. But you'le need an additional vpn router and an additional internet account. And you need to only allow vpn on the second router! because in this setup you'le be letting in internet directly to your lan and you surely wouldn't want that would you? |
|
ReusSoft - SBS oplossingen van de SBS partner voor het MKB. |
|
|
|
Rene Leussink
Deventer, Netherlands
Member since
6/5/2005
Platinum Membership
Posts: 63
|
| 8/21/2005 11:24 AM |
|
| So, if not looking at performance but at security... the correct setup would be to use vpn connections from the client because the difference is that if you use this setup the vpn connection to the sbs server would 'connect' to the internal side of the network. If you use vpn tunnels between the routers you virtually connect the showroom pc's to the external nic of the sbs server and youwould be able to see only the external nic. If on the other hand you connect with vpn-client software from sbs then you make a connection to the internal nic of the sbs and thus to the internal network. Hope this clarifies the differences between the vpn tunnels between the routers and the vpn connection from the client directly to the sbs server. |
|
ReusSoft - SBS oplossingen van de SBS partner voor het MKB. |
|
|
|
Jerry Hopkins
United States
Member since
4/15/2005
Registered Users
Posts: 3
|
| 8/23/2005 08:05 PM |
|
Yes, the old setup had an NT server with one NIC and no ISA, just the firewall in the router.
Thanks for the diagrams, they are accurate.
I understand all of what you said and I am aware that I can do client to server VPN's as you describe (and have already done it on one PC just to make sure).
I am trying to avoid that configuration for both ease of client setup/maintenance as well as performance.
You are correct that I would not want to do the "second router and connection" at headquarters.
We have an expensive, high-speed connection and do not want to pay more.
-----------------------------------
I am investigating static routes of the private subnets in all of the routers and in ISA as a possibility (got microsoft and Linksys involved).
I am also wondering if it is possible to have the showroom routers make a VPN connection to the server instead of the clients.
Any other ideas?
Thanks,
Jerry |
|
|
|
|
|
Paul Bailey
United Kingdom
Member since
9/5/2005
Registered Users
Posts: 1
|
| 9/05/2005 05:41 PM |
|
Our SBS2003 sp1 network is set up with 2 nic's as shown, with one exception. The dsl router (Speedtouch 510) has an external nic assigned (by isp) 80.168.157.?? and the server external nic also has an external ip assigned 80.168.157.?? (different from the router). Is this ok or should i be looking to mimic the configuration in the diagram?
Regards
Paul |
|
|
|
|
|
Mariette Knap
The Netherlands
Member since
3/24/2005
Forum Admins
Posts: 12968
|
|
Paul Bishop
United Kingdom
Member since
9/14/2005
Registered Users
Posts: 4
|
| 9/16/2005 07:44 AM |
|
| I am planning to setup a satellite office connecting to a SBS2003 with ISA server setup as in the article with two NICs and an SDSL router. The remote office will use an ADSL router and have a Windows Server 2003 Member server to provide local file storage and I hope to be able to use this server to create a VPN link to the SBS2003 network and share it to the 10 clients in the remote office. The users at the remote site would be mainly working from their local file storage however they would like to be able to have access to the remote server’s shares. Would it be possible to create a VPN connection from the Server 2003 machine and share this link between the other users on the remote office’s network? The internet connection at the main office would also be used to provide access to RWW and OWA |
|
|
|
|
|
Marina Roos
The Netherlands
Member since
3/24/2005
Forum Admins
Posts: 12627
|
|
Paul Bishop
United Kingdom
Member since
9/14/2005
Registered Users
Posts: 4
|
| 9/16/2005 08:04 PM |
|
wow, I've read it said by many others but now I love you too - thanks for the perfect link.
My new years resolution is to get to know the technet and knowedge base far far better.
Keep up the great work |
|
|
|
|
|
Chris Butler
United Kingdom
Member since
9/28/2005
Registered Users
Posts: 10
|
| 9/28/2005 10:35 AM |
|
Hi Folks
Bit new to this, so bear with me......
I have got involved with a company setting up the internet etc, and now on SBS2003. We have our ADSL on the way, we have 5 IP addresses isued to us as follows (ps i think i ned to get another NIC for the server?)
I have 5 addresses so i assume
There is only a router being supplied, so the SBS2003 server will look after the firewall etc. In the first instance when setting up, would you give the server the on the EXT NIC Ip address of 82.***.***.2. and then the other network card an ip address of 192.168.1.10 I hope this is clear Thanks Chris |
|
|
|
|
|