Solved

SBS2000 Multihomed Configuration

Posted on 2003-10-28
4
286 Views
Last Modified: 2010-04-26
I have a SBS2000 that we do not use ISA.  I have actually uninstalled ISA of this machine.  It has 2 NICs.  I need to have one with the LAN subnet, 192.168.15.0 and the other with our public ip.  I want the public IP to accept client VPN connections.  I have ran the RRAS configuration wizard.  I guess my question is how to congiure the adapters.  We have a gateway on the LAN, .15.1 and a gateway from our ISP for the public address.  I do not hink the computer would be happy with 2 default gateways.
Thanks
0
Comment
Question by:bprimm
  • 2
4 Comments
 
LVL 32

Expert Comment

by:jhance
ID: 9634958
If you are going to have two NICs, one having a PRIVATE IP (i.e. 192.168.0.0) you MUST use either ISA Server or some other NAT routing software.  Windows 2000 (including SBS 2000) does NOT do NAT routing on it's own.  It does do ROUTING but your private IPs will not be routed beyond the next router in the network path if you ERRONEOUSLY configure your SBS2000 server to route 192.168.0.0 hosts to the "internet".

If you prefer not to use ISA Server (which I don't understand why you wouldn't use) there are 3rd party alternatives.  I've used WinGate in the past and bee very satisfied.
0
 
LVL 32

Expert Comment

by:jhance
ID: 9634974
BTW, a useful alternative here is to use a HARDWARE NAT router, which is something that is very inexpensive today, to accomplish the NAT function without having to use ISA Server or buy another software tool to run on the server.  In a recent installation I used a NetGear MR314 wired/wireless firewall/router to send all internet traffic out via the router's public IP.  It cost something like $35.00.
0
 
LVL 1

Author Comment

by:bprimm
ID: 9637591
I think I need to explain myself better.
Oh yea Yahoo considers emails from this bulliten as spam.

All I need to know is the best practice on configuring a multi-homed SBS2000 server without ISA.
We already have NAT configured on our router for the clients to access internet.

My specific question is considering the gateway field.  When setting up RRAS, i configured the VPN adapter (public IP)to only accept connections specific to the VPN (1723, 500, 47, etc).
What gateway do I use, the internal LAN or the ISP's router.

                                     T1 (15 IP addresses)
                                           ||         ||
NAT router for internet/firewall           NIC on SBS2000 for VPN
                         ||
       NIC on SBS2000 for LAN
0
 
LVL 1

Accepted Solution

by:
HHinOz earned 125 total points
ID: 9704537
Go to http://www.smallbizserver.org and from the top menu choose "SBS2000" and then "networks" and choose the configuration that you have:  Router/non Static/Dynamic IP.

Always works for me.

I umnerstand why you DO NOT want ISA, but the defaults seem to almost work.

Good luck etc...
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Many people don't really know what the difference is between memory and storage. And most regular users don't understand the relationship between any of those fancy words printed on the front of their new computer. Of course, it's perfectly fine -- …
Computer running slow? Taking forever to open a folder, documents, or any programs that you didn't have an issue with before? Here are a few steps to help speed it up. The programs mentioned below ALL have free versions, you can buy them if you w…
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now