How to setup a domain network with remote access, web and email servers

Posted on 2005-04-27
Last Modified: 2010-04-14
Hi, I am new to networking and need to setup a domain network for a small company with 20 PCs.

The comapny has four departments: Finance, administartion, production and designs. Each department require access to their own servers. However, they are not allowed to see each others resources and internal servers. I have to fulfill the following requirements:

Every department must have access to the email servers and database servers.
Finance should be able to see all resources
Admin shoud only see their own resources, email, database and web servers.
NB. Finance and admin share the same resources but admin must have restricted access.
Production and designs are only allowed to access the email and databse servers.
NB Production and designs share the same resources but each have restircted rights. These are different from that of the Finance and Admin reources.
I need to allow remote or vpn access so that senior management can access all the resources in the office from home.

I have an ADSL connection, a router, two DELL servers, a few hubs and layer 2 switches to work with. How do i design the the network?
I am considering in using two subnets, one for the admin and finance, and the second one for the other two departments. Would this work for restricting PCs in different departments from seeing each other or do i just need GPOs?

I am using microsoft windows server 2000, exchange server 2000 and SQL server 2000. On which servers do I make DNS, DHCP, DC email and web servers on? I only have two and I am not sure which one should be connected to the router to allow internet access.

This may seem like a big requirement, but I really need help!!

Thank you.
Question by:sayeed101
    LVL 30

    Accepted Solution

    Allot of work :-)

    ADSL  -->  Router --> Switches/Hubs --> Connect all computers to the Switches/Hubs

    I myself prefer to use Static IP's for all the computers in the Network.
    This makes it much nicer. For DHCP Address, sometimes when they release and renew them selves.
    You will have a slight delay (Unrecognizable) in the connection with the Network.
    Depending on how many machines are online (Connected) to the network at one time.
    Will depend on the "Delay" On the Release and Renew of the IP Address's per machine.

    If you run all static IP's to all computers within the Network.
    You will not have to worry about the "Release/Renew" of the IP Address.
    As it is a fixed/static IP that will never change.
    You will also be able to administer the network a lot better with knowing who has what.

    Also if the network is going to have some type of Network Monitoring software installed.
    You will not have to worry about looking through the logs to see who had what IP Address
    At a given time when I problem accured.
    With everyone being on Static IP's. You simply look at the log.
    Which IP Address connected that could have caused the problem.
    And then fix the issue
    (This of course, is just my opinion on using Static vs. Dynamic IP Address)

       The Windows 2000 Server --> Setup [Active Directory] on the Main Server
    Active Directory, you will be able to set up all the permissions for all the Users/Groups
    Within the Network

    Google Links to Active Directory
    Also you need to setup DNS on this server as well.

    Google links to both Active Directory & DNS

    In the Win2k Server that has "Active Directory" You will be able to go through and add
    In all Users:
    Where they can go
    What they can Access
    And so forth.

    All computers that are connected to the Network will use this Server to get out onto the Internet.
    By using it's DNS IP Address and ONLY Its DNS IP Address alone.

    Make the other Win2k Server handle the "Exchange & SQL"
    I do not use them personally; so I am not sure about Resources, I am sure someone else can come
    In to add to this as to how to set them up correctly.
    I am sorry that I cannot be of much assistance to you on this, besides what I have
    Already stated in the above information. But I am learning Win2k3 Server's [Active Directory] myself.

    I will say this much.
    Get a DVD+R Burner.
    Once you have the network setup the way that you want it.
    Do a "Backup" It is simple.
    If you have the DVD+R Burner installed onto the Main 2k Server.
    Then you will be able to Backup your Server onto the DVD+RW Disk (You will want to have a
    Rewritable Disk) So that you can do your backups.

    To do a Full Backup, it took 1.7Gb (Yes, 1.7 Gigs) to do a FULL Backup.
    So if anything happens to the network.
    You will have the information to get it backup and running with little Down-Time.

    I know that this is not enough information for you.
    But I am sure others will come in and assist.
    If I think of anything else, I will post it here.

    Take Care
    LVL 30

    Expert Comment

    by:Wayne Barron
    No comment has been added to this question in more than 21 days, so it is now classified as abandoned..
    I will leave the following recommendation for this question in the Cleanup topic area:
    [Accept: carrzkiss]

    Any objections should be posted here in the next 4 days. After that time, the question will be closed.

    EE Cleanup Volunteer

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    Suggested Solutions

    NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
    Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
    Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    21 Experts available now in Live!

    Get 1:1 Help Now