2 NIC setup in SBS 2003 Standard
I'm running SBS 2003 Standard (no ISA) and I'm in the process of adding a 2nd NIC to the server. It's a simple network with 10 users connected to the server through a hub. The office connects to the Internet through a Netopia router supplied by our ISP. Before the addition of the 2nd NIC, everything is connected to the hub. The 2nd NIC (external) will connect to the ISP's router directly. The problem I'm having is with a Cisco router that connects our our office WAN. Before the 2nd NIC, it has been functioning correctly connected to the hub. Once I add the 2nd NIC and connect it to the ISP's router, users can't access the WAN. How do I hookup the WAN router in the new 2 NIC setup? Below is the setup I use for my 2 NIC configuration. Do they look right?
My internal NIC is:
IP ADDRESS 192.168.0.27
SUBNET MASK 255.255.0.0
DEAFULT GATEWAY BLANK
PREFERRED DNS SERVER 192.168.0.27
ALTERNATE DNS SERVER BLANK
PRIMARY WINS SERVER 192.168.0.27
CABLE GOES TO OFFICE HUB
My external NIC WILL BE:
IP ADDRESS 172.16.0.1
SUBNET MASK 255.255.255.0
DEAFULT GATEWAY 172.16.0.254
PREFERRED DNS SERVER 192.168.0.27
ALTERNATE DNS SERVER BLANK
PRIMARY WINS SERVER BLANK
NETBIOS OVER TCPIP DISABLED
CABLE GOES TO NETOPIA ROUTER (ISP CONNECTION)
My internal NIC is:
IP ADDRESS 192.168.0.27
SUBNET MASK 255.255.0.0
DEAFULT GATEWAY BLANK
PREFERRED DNS SERVER 192.168.0.27
ALTERNATE DNS SERVER BLANK
PRIMARY WINS SERVER 192.168.0.27
CABLE GOES TO OFFICE HUB
My external NIC WILL BE:
IP ADDRESS 172.16.0.1
SUBNET MASK 255.255.255.0
DEAFULT GATEWAY 172.16.0.254
PREFERRED DNS SERVER 192.168.0.27
ALTERNATE DNS SERVER BLANK
PRIMARY WINS SERVER BLANK
NETBIOS OVER TCPIP DISABLED
CABLE GOES TO NETOPIA ROUTER (ISP CONNECTION)
ASKER
Where is the Cisco connected? It's connected to the hub along with the server, all users and the ISP's router now.
Won't RRAS setup happen when I run ICW after installing the 2nd NIC?
Won't RRAS setup happen when I run ICW after installing the 2nd NIC?
ICW is a client-based version of RRAS. For a server, use RRAS.
Now, I'm a little confused with the Cisco. You have a Netopis to the ISP and the Cisco goes ... where?
Now, I'm a little confused with the Cisco. You have a Netopis to the ISP and the Cisco goes ... where?
ASKER
Cisco connects to the hub. Actualy, the server connects to the hub also as does our ISP router and all users.
ASKER
If users are looking for the WAN, I need to tell the server that it can't be found at the ISP's router(?) Is this a DNS problem?
You need to setup the ISP's router on one interface of the SBS server, the other interface goes to the hub.
As long as RRAS is setup as a firewall then it will route properly.
All your clients including the server must only point to your DNS server. On the Forwarder tab of the properties of the DNS server is where to put the ISP DNS server entries - nowhere else.
Where does the Cisco go to? I'm a little confused why you have 2 routers.
As long as RRAS is setup as a firewall then it will route properly.
All your clients including the server must only point to your DNS server. On the Forwarder tab of the properties of the DNS server is where to put the ISP DNS server entries - nowhere else.
Where does the Cisco go to? I'm a little confused why you have 2 routers.
ASKER
The Cisco connects us to our Wide Area Network via a T1 line.
Netman's comment about ICW is incorrect... Bruce means the Configure Email and Internet Connection Wizard (CEICW) which does set up RRAS, and is the only way you should configure an SBS.
Please see http://sbsurl.com/twonics for an example of how to set this up.
See http://sbsurl.com/ceicw and http://sbsurl.com/msicw for more info.
Jeff
TechSoEasy
Please see http://sbsurl.com/twonics for an example of how to set this up.
See http://sbsurl.com/ceicw and http://sbsurl.com/msicw for more info.
Jeff
TechSoEasy
I would note also that you should not use a 255.255.0.0 subnet for your internal IP range... there's no reason. A /24 subnet is just fine since you can not have more than 75 devices on your network anyhow.
Also, if you are having problems with the NICs connecting, check out their binding order in Network Connections > Advanced > Advanced Settings. The Internal NIC should be first.
Jeff
TechSoEasy
Also, if you are having problems with the NICs connecting, check out their binding order in Network Connections > Advanced > Advanced Settings. The Internal NIC should be first.
Jeff
TechSoEasy
ASKER
TechSoEasy: You're right about the subnet - it should be 255.255.255.0 (actually that was typo on my part, sorry). I have verified the binding order as internal NIC 1st.
Netman66: I have 2 routers plugged into my office hub - is that unusual (I'm still learning about networking)? The Netopia uses a crossover cable & the Cisco does not. Is that unusual? Should the Cisco WAN router be connected directly to the Netopia from our ISP? Right now the Cisco is in the hub.
Netman66: I have 2 routers plugged into my office hub - is that unusual (I'm still learning about networking)? The Netopia uses a crossover cable & the Cisco does not. Is that unusual? Should the Cisco WAN router be connected directly to the Netopia from our ISP? Right now the Cisco is in the hub.
No, it's not unusual. Most of the time you either have a single router with 2 interfaces, or you have the ISP split the Internet traffic out of the Point-to-Point link.
It's fine the way you have it. You should, however, change your hubs for switches.
It's fine the way you have it. You should, however, change your hubs for switches.
I think it sounds unusual. What is the ip scheme of your WAN? If you are trying to connect different private subnets on the same interface then the routers have to know about each other or the nic on your server has to know which way to route the traffic. Try adding a second ip address to the nic on your server in the same subnet as your WAN. Make the gateway your WAN router.
You can do this in the advanced tab of the tcpip properties.
You can do this in the advanced tab of the tcpip properties.
ASKER
Stevew1999: The internal NIC is IP 192.168.0.27 Subnet 255.255.255.0.
The address range of of the internal network is (static IPs) 192.168.0.20 -192.168.0.100.
The Cisco router has internal IP address 192.168.0.1. Through this router we access the WAN at 10.0.0.5. Will this be a problem?
Netopia router has internal IP address 192.168.0.254
For the external NIC I was going to set it's IP address to 172.16.0.1 and change the Netopia to 172.16.0.2. Does that sound reasonable?
The address range of of the internal network is (static IPs) 192.168.0.20 -192.168.0.100.
The Cisco router has internal IP address 192.168.0.1. Through this router we access the WAN at 10.0.0.5. Will this be a problem?
Netopia router has internal IP address 192.168.0.254
For the external NIC I was going to set it's IP address to 172.16.0.1 and change the Netopia to 172.16.0.2. Does that sound reasonable?
As long as there is a persistent rout to the WAN (10.0.0.5) then there is no issue.
route add 10.0.0.0 mask 255.255.255.0 192.168.0.1 /p
This needs to be added to every PC and server on the LAN.
I am assuming your mask is /24 for the 10.x network, but insert whatever it is (if it's different).
route add 10.0.0.0 mask 255.255.255.0 192.168.0.1 /p
This needs to be added to every PC and server on the LAN.
I am assuming your mask is /24 for the 10.x network, but insert whatever it is (if it's different).
What is all that for??? are you running other networks off your internet connection?
If not, I'd refer back to the http://sbsurl.com/twonics example I provided.
Jeff
TechSoEasy
If not, I'd refer back to the http://sbsurl.com/twonics example I provided.
Jeff
TechSoEasy
ASKER
TechSoEasy: I'm definitely learnng as I go so my description may contain incorrect terms, etc. I have the pages from http://sbsurl.com/twonics and they are very helpful. I'm just not sure how to do this 2 NIC setup incorporating the Cisco router that allows access the Company WAN via a T1 line. The last time I tried the switch to 2 NICs, the WAN was unavailable afterwards.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I agree with Netman66. If his schematic represents your situation then you'll need to use the route statement on your clients that he referenced in an earlier post.
route add 10.0.0.0 mask 255.255.255.0 192.168.0.1 /p
route add 10.0.0.0 mask 255.255.255.0 192.168.0.1 /p
ASKER
Thanks TechSoEasy and Netman66. I have tried to accomplish my goal of having 2 NICs for several weeks using some of the advice I received here and elsewhere. A tech at my local ISP convinced me to abandon the 2 NIC setup. He said that I have the Netopia firewall for security already and "Having a second NIC active on a separate network in a domain controller can cause problems that are very hard to isolate and fix".
You also need to make sure the clients only point to your server for DNS and the gateway.
Where is the Cisco connected - a little more on this setup would be helpful.