?
Solved

Users on both LANs need to access multi-homed stand-alone W2k3 server shares

Posted on 2005-03-19
11
Medium Priority
?
223 Views
Last Modified: 2010-04-18
I've installed a w2k3 stand-alone server with two nics connected to two LANs. LAN1 is an w2k AD domain and LAN2 is not. i need users on LAN2 to be able to put their project files on this server and also to have users from LAN1 to be able to access these shares for reading and writing. this is the only server on LAN2. how can i allow users on both LANs to do this? also, can this stand-alone server perform dhcp services for LAN2?
0
Comment
Question by:demus619
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
11 Comments
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13589891
Is this your scenario: -

-----W2k3 Stand-Alone---------LAN1---------------SWITCH---------------W2k Domain DC : - 192.168.1.3
            |192.168.1.2                                         |  |
            |                                                          |  +--------------------PC1 : - 192.168.1.5
            |                                                          +-----------------------PC2 : - 192.168.1.6
          LAN2
            |
            |
        SWITCH
         |  |
         |  +--------------------PC3 : - 192.168.1.7
         +-----------------------PC4 : - 192.168.1.8

If this is not your scenario then please make necessary changes and re-post it as it is.

>>>i need users on LAN2 to be able to put their project files on this server and also to have users from LAN1 to be able to access these shares for reading and writing.

Which server you are pointing in this scenarion? If you are pointing to W2k3 Stand Alone then then can access it easily using the routing. You need to add routing in this server for TCP Packets to be transffered using the Default Gateway.

>>>This is the only server on LAN2. how can i allow users on both LANs to do this?

Please tell us which server you are pointing here.

>>>Can this stand-alone server perform dhcp services for LAN2?
Yes it can if you make it member of domain and then authorize in Active Directory to service client requests. It will be your multihomed server....you need to make some changes to your scenario and let us know.

Thanks
SystmProg
0
 

Author Comment

by:demus619
ID: 13591581
yes,  like this.
>Is this your scenario: -

---W2k3 Stand-Alone--192.168.2.130--LAN1----SWITCH-------------W2k Domain DC : - 192.168.2.138
            |192.168.1.2                                         |  |
            |                                                          |  +--------------------PC1 : - 192.168.2.170
            |                                                          +-----------------------PC2 : - 192.168.2.171
          LAN2
            |
            |
        SWITCH
         |  |
         |  +--------------------PC3 : - 192.168.1.7
         +-----------------------PC4 : - 192.168.1.8
0
 

Author Comment

by:demus619
ID: 13598074
>Which server you are pointing in this scenarion? If you are pointing to W2k3 Stand Alone then then >can access it easily using the routing. You need to add routing in this server for TCP Packets to be >transffered using the Default Gateway.

not sure what you mean by pointing?  both nics have different gateway addresses. i haven't added routing to this server but i guess i can. could be problematic with both nics having different gateways.

what i was wanting was for users on LAN2 to store files on the w2k3 stand alone server and to also have some users on LAN1 to be able access these files for reading and writing. however, i didn't want users from LAN1 to be able to access any other servers past this w2k3 server that now sits inbetween both lans. hope that makes some sense.

>>>This is the only server on LAN2. how can i allow users on both LANs to do this?

>>>>Please tell us which server you are pointing here.

this question i am not clear on?


>>>Can this stand-alone server perform dhcp services for LAN2?
>>>>Yes it can if you make it member of domain and then authorize in Active Directory to service client requests. It will be your multihomed server....you need to make some changes to your scenario and let us know.

should this new server be made part of my domain on the 192.168.2.0 LAN? or would i create a new domain for the other LAN?

 


Thanks
SystmProg
0
Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13599268
>>>what i was wanting was for users on LAN2 to store files on the w2k3 stand alone server and to also have some users on LAN1 to be able access these files for reading and writing. however, i didn't want users from LAN1 to be able to access any other servers past this w2k3 server that now sits inbetween both lans. hope that makes some sense.

One second...your ultimate goal is above.

>>>i was wanting was for users on LAN2 to store files on the w2k3 stand alone server

So PC3 and PC4 can store files on W2K3 Stand-Alone server because they are on the same subnet (192.168.1.0)

>>>and to also have some users on LAN1 to be able access these files for reading and writing.

So PC1 and PC2 need to route their packets to 192.168.1.2 interface. But before routing tell me their gateway address.

>>>however, i didn't want users from LAN1 to be able to access any other servers past this w2k3 server that now sits inbetween both lans. hope that makes some sense.

Ok.....so the solution is Host Routing....

So finally present a scenarion with IP Address, subnet mask and default gateway defined at each pc.

Thanks
SystmProg
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13599276
A Host Route is a route where if the TCP/IP packets are not destined for the subnet it will send these packets to Host Route (Here Host Route is W2k3 server).
0
 

Author Comment

by:demus619
ID: 13603296
>>>what i was wanting was for users on LAN2 to store files on the w2k3 stand alone server and to also have some users on LAN1 to be able access these files for reading and writing. however, i didn't want users from LAN1 to be able to access any other servers past this w2k3 server that now sits inbetween both lans. hope that makes some sense.

>>>>One second...your ultimate goal is above.

yes, that is it. sorry for the lack of a better description


>>>i was wanting was for users on LAN2 to store files on the w2k3 stand alone server

>>>>So PC3 and PC4 can store files on W2K3 Stand-Alone server because they are on the same subnet (192.168.1.0)

yes, and PC1 and PC2 should be able to access these files also



>>>and to also have some users on LAN1 to be able access these files for reading and writing.

>>>>>So PC1 and PC2 need to route their packets to 192.168.1.2 interface. But before routing tell me their gateway address.

PC1 and PC2 should be able to send packets to 192.168.2.130 to access files on that server. why would they need to route to 192.168.1.2 interface?    PC1 and PC2 gw is 192.168.1.129 currently.


>>>however, i didn't want users from LAN1 to be able to access any other servers past this w2k3 server that now sits inbetween both lans. hope that makes some sense.

Ok.....so the solution is Host Routing....

>>>>So finally present a scenarion with IP Address, subnet mask and default gateway defined at each pc.

hope this helps



                              +-192.168.2.129-FW--router--Internet  
                              |
                              |
     192.168.2.130--LAN1----SWITCH-----W2kDC--192.168.2.138(a-domain.internal)
     |                        ||
     |                        |+--------PC1-192.168.2.170 gw:192.168.2.129 (a-domain.internal)      
     |                        +---------PC2-192.168.2.171 gw:192.168.2.129 (a-domain.internal)
--W2k3SA
     |                        +---------PC3-192.168.1.144 gw:192.168.1.129 (workgroup)                        
     |                        |+--------PC4-192.168.1.145 gw:192.168.1.129 (workgroup)
     |                        ||
     192.168.1.130--LAN2----SWITCH
                              |          
                              |
                              +-192.168.1.129-FW--router--Internet                                        


current setup is like above. i have not added routing services to W2k3SA yet. i hope to allow users on both lans to read+write to shares on the W2k3SA server.

thanks for your time!
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13610401
                             +-192.168.2.129-FW--router--Internet  
                              |
                              |
     192.168.2.130--LAN1----SWITCH-----W2kDC--192.168.2.138(a-domain.internal)
     |                        ||
     |                        |+--------PC1-192.168.2.170 gw:192.168.2.129 (a-domain.internal)      
     |                        +---------PC2-192.168.2.171 gw:192.168.2.129 (a-domain.internal)
--W2k3SA
     |                        +---------PC3-192.168.1.144 gw:192.168.1.129 (workgroup)                        
     |                        |+--------PC4-192.168.1.145 gw:192.168.1.129 (workgroup)
     |                        ||
     192.168.1.130--LAN2----SWITCH
                              |          
                              |
                              +-192.168.1.129-FW--router--Internet                                        


First of all.

You have one share created "Docs" on W2k3SA. Now PC1 and PC3 can easily access it because they both are connected through LAN1 (PC1) and LAN2 (PC3). So i think both the PC1 and PC3 can ping W2K3SA computer.

PC1 is member of domain and PC3 is member of a workgroup and they both are trying to access a stand alone server in network. When PC1 or PC3 access W2K3SA server using UNC (\\192.168.1.129) do they get User Name Dialouge box? If yes then you need to create a user account on W2K3SA which can be used to access data on a workgroup system.

Let me know.

Thanks
Nirmal
0
 

Author Comment

by:demus619
ID: 13616429
created two shares and two local groups with local usernames on the w2k3sa server.  pc's from LAN1 and LAN2 can see the workgroup/server in explorer.  access dialog pops up when a user clicks on either share. if correct username/pw combo is given, then they can access the share of which group they belong to.

whether i have the routing service turned on or not this seems to be working.

is it better to have the routing service turned in the scenario or left not running? guess if i have to turn it on then i'll apply filters to each nic to ensure how traffic flows. and i will turn on dhcp services for LAN2.

thanks!
0
 
LVL 35

Accepted Solution

by:
Nirmal Sharma earned 2000 total points
ID: 13619211
>>>is it better to have the routing service turned in the scenario or left not running? guess if i have to turn it on then i'll apply filters to each nic to ensure how traffic flows. and i will turn on dhcp services for LAN2.

Not necessary to turn on Routing Services on server because they can ping and access shares on server. You need to create an user account which is available for all PCs on both the LANs and put this user account in a restricted group on local server. This should do the job for you. You can enable DHCP server on LAN2.

Let me know.

Thanks

0
 

Author Comment

by:demus619
ID: 13619433
thanks for your help, really appreciate it. i created local groups for each share and added appropriate user names to each group utilizing them for acccess permissions for appropriate shares. more granular for accounting.

mucho thanks again!
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13619654
Thanks!
:-)
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question