Solved

SBS2000 Multihomed Configuration

Posted on 2003-10-28
4
288 Views
Last Modified: 2010-04-26
I have a SBS2000 that we do not use ISA.  I have actually uninstalled ISA of this machine.  It has 2 NICs.  I need to have one with the LAN subnet, 192.168.15.0 and the other with our public ip.  I want the public IP to accept client VPN connections.  I have ran the RRAS configuration wizard.  I guess my question is how to congiure the adapters.  We have a gateway on the LAN, .15.1 and a gateway from our ISP for the public address.  I do not hink the computer would be happy with 2 default gateways.
Thanks
0
Comment
Question by:bprimm
  • 2
4 Comments
 
LVL 32

Expert Comment

by:jhance
ID: 9634958
If you are going to have two NICs, one having a PRIVATE IP (i.e. 192.168.0.0) you MUST use either ISA Server or some other NAT routing software.  Windows 2000 (including SBS 2000) does NOT do NAT routing on it's own.  It does do ROUTING but your private IPs will not be routed beyond the next router in the network path if you ERRONEOUSLY configure your SBS2000 server to route 192.168.0.0 hosts to the "internet".

If you prefer not to use ISA Server (which I don't understand why you wouldn't use) there are 3rd party alternatives.  I've used WinGate in the past and bee very satisfied.
0
 
LVL 32

Expert Comment

by:jhance
ID: 9634974
BTW, a useful alternative here is to use a HARDWARE NAT router, which is something that is very inexpensive today, to accomplish the NAT function without having to use ISA Server or buy another software tool to run on the server.  In a recent installation I used a NetGear MR314 wired/wireless firewall/router to send all internet traffic out via the router's public IP.  It cost something like $35.00.
0
 
LVL 1

Author Comment

by:bprimm
ID: 9637591
I think I need to explain myself better.
Oh yea Yahoo considers emails from this bulliten as spam.

All I need to know is the best practice on configuring a multi-homed SBS2000 server without ISA.
We already have NAT configured on our router for the clients to access internet.

My specific question is considering the gateway field.  When setting up RRAS, i configured the VPN adapter (public IP)to only accept connections specific to the VPN (1723, 500, 47, etc).
What gateway do I use, the internal LAN or the ISP's router.

                                     T1 (15 IP addresses)
                                           ||         ||
NAT router for internet/firewall           NIC on SBS2000 for VPN
                         ||
       NIC on SBS2000 for LAN
0
 
LVL 1

Accepted Solution

by:
HHinOz earned 125 total points
ID: 9704537
Go to http://www.smallbizserver.org and from the top menu choose "SBS2000" and then "networks" and choose the configuration that you have:  Router/non Static/Dynamic IP.

Always works for me.

I umnerstand why you DO NOT want ISA, but the defaults seem to almost work.

Good luck etc...
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Windows 7s template 4 86
How to add a CDROM boot option on a Dell 5810 workstation 4 59
GPO Not Applying 5 51
check which file take most of the disk space 16 57
Many people don't really know what the difference is between memory and storage. And most regular users don't understand the relationship between any of those fancy words printed on the front of their new computer. Of course, it's perfectly fine -- …
Basic computer tune-up with little or no hardware upgrades. Giving an old computer a tune-up usually results in a minimal performance gain, but a gain nonetheless. Several times a week, I’m faced with users at work who ask to make their computers…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

713 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question