• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 320
  • Last Modified:

Network Architecture Advice

I'm coming into this situation where someone else set things up.  I just started looking into a network layout and I'm not sure that I like what I see.  I want to run this by everyone for some advice.  Currently, I'm looking at a network where the domain server is running on windows 2003 business server.  There is one server running linux and two more servers running windows 2003.  Exhange is running on one of the two windows 2003 servers.  VPN access is setup on the exhange server.  Does this layout seem correct?  Does anyone have any suggestions?  I also don't think the system was managed well before because there seems to be some DNS issues on the network.  Any advice would be appreciated.  Should I just start from scratch and reload the main domain server that runs windows 2003 business server?  Thanks in advance your all of your help.
1 Solution
I would not run VPN on the exchange server, for security reasons.  You never want to put your DC or exchange on the edge of you network.  You can run DNS on the DC.  You need one server for DC and DNS, the other for exchange.  You don't need to buy another server to run a backup DC and DNS, just use a desktop.  What is running on the linux box?  You could redo that one and run VPN on it.  
QuetysisAuthor Commented:
An oracle database is running on the linux server.  Maybe we should look at getting a cisco system for our VPN solution.  What do you think?  
absolutly, was was going to bring that up but it is expensive.  You would need to look into getting a vpn concentrator and that is a much better solution than using windows.  Do you have some money to spend?  I'm just guessing because I have never looked at the cheaper ones but I would say about 10K.
I don't see a firewall mentioned in your description - depending on the size of your network, you may be able to get a cheaper cisco which could handle your VPN connections and do some firewalling as well (the concentrators are geared towards mucho VPN connections - if you only need a few, you likely don't need the concentrator).

I was going to say the same - a 501 is man enough for most smaller networks and only costs a few hundred pounds.

I dont really see having the vpn handled on your exchange server sepcifically as a huge problem in itself, if its implemented correctly. Generally a vpn will give full access into your network, including your exchange server. Small business setup tends to be a matter of compromise.

The network layout does sound unusual in that if you are running SBS the network, usually exchange would be running on this - not on a seperate server.

I would get to concerned about the VPN issue just yet. If you are considering formatting an SBS server and 'starting over' because of a few dns problems, you have far greater things to worry about, such as job security.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Microsoft Exchange Server

The MCTS: Microsoft Exchange Server 2010 certification validates your skills in supporting the maintenance and administration of the Exchange servers in an enterprise environment. Learn everything you need to know with this course.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now