• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 246
  • Last Modified:

SBS 2003 Standard, 2 NICs, .local and .com domains, and email problems

I am somewhat of a newbie when it comes to setting up DNS entries and configuring Exchange, so please bear with me.

Here is my current setup:

Public IP (static) -> DSL Modem/Router -> NIC 1 (192.168.1.2) -> SBS (DHCP, DNS, Exchange, IIS) -> NIC 2 (192.168.16.2) -> local network

I am able to connect to the net with no problem as well as connecting to the internal website (companyweb).

My domain name (xyz.com) is hosted with GoDaddy and I think I have those DNS records set up properly to point to my public IP address. Here is what they look like:

 A (Host)        
Host      Points To         TTL
@       xxx.xxx.xxx.xxx   3600
      
mail       xxx.xxx.xxx.xxx   3600

CNAMES (Aliases)             
Host      Points To      TTL
www       @               3600
ftp           @               3600

MX (Mail Exchange)             
Priority      Host      Goes To                TTL
0                 mail       xxx.xxx.xxx.xxx    3600

On the Exchange side of things I have this so far:

Server Mgmt -> Advanced Mgmt -> First Organization -> Recipient Policies -> Default Policy -> Properties -> Email Addresses ->

xyz.com (default)
xyz.local
x400

My DNS only has the .local forward lookup zone so far. I need help configuring the rest of it.

If anything else is needed, let me know.

Now, here is what I'm trying to accomplish.

Keep the server as a Gateway, be able to send/receive mail on this box for xyz.com, have the xyz.local and xyz.com domains accessible from the internal side and have xyz.com available to the outside, and be able to connect to the Exchange server from both sides with Macs and PCs.

I have figured out how to connect the Macs to folder shares using SMB, so no problems there.

I would like to keep the set up the way it is with 2 NICs (I guess I just like the physical seperation).

Sam
0
indy1979
Asked:
indy1979
  • 3
  • 3
1 Solution
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Your setup is quite normal, except that you should really NOT host a public website (www.xyz.com) on your SBS.  This is truly a major security risk, and if you want to host your own site it's suggested that you do so on a separate server in a DMZ.  However, I'd suggest that you host it in a major hosting facility such as GoDaddy or any other of your choice.

Then...you don't configure DNS manually with an SBS.

You should ONLY use the Configure Email and Internet Connection Wizard (CEICW -- which is linked as Connect to the Internet in the Server Management Console > Internet and Email)

A visual how-to is here:  http://sbsurl.com/ceicw and a full networking overview for SBS is at http://sbsurl.com/msicw

Within that wizard you'll see a "more information" button on each screen that has invaluable help in deciding which options to select.  Be sure to check those out as well.

T
Jeff
TechSoEasy
0
 
indy1979Author Commented:
Ok, so let's take the external web site out of the picture.

I'm still having trouble with exchange. It is not receiving mail from the internet. I'm on a business DSL line from Bellsouth, so the ports shouldn't be blocked.

I have a user set up (through the Server Management screen) somebody and the email address listed is somebody@xyz.com which is what it's supposed to be.

How do I get Entourage 2004 to connect to this account and download the mail? Mail should be coming directly to my exchange server so I don't need the POP3 connector.

Sam
0
 
indy1979Author Commented:
Update, got Entourage to connect successfully to the Exchange server. I can send email out, but it is still not receiving from the internet.

Sam
0
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
WHOAH... I didn't see that coming... it would have been a very good idea to indicate that you were connecting with a Mac for this... since there is a problem with your overall configuration if that's the case.  If you use Macs on your SBS Network, you should not use a .local domain name (instead use something like .lan).  This is because Macs use .local as their internal space which will cause a conflict.

See http://sbsurl.com/mac for complete details.

There are some workarounds... but if this is a new install, I'd suggest you flatten and start over (no way to change a domain on SBS otherwise).  In the long run, you'll be much happier.

Jeff
TechSoEasy
0
 
indy1979Author Commented:
Ok, thanks for that Jeff. I'll flatten and use another domain name. What kind of issues are there if I were to use my purchased .com name?

Sam
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
There is no relationship between your internal domain and your Internet domain.  If you use your .com for your Internal domain then you would need to manually configure DNS entries internally in order for computers within your LAN to find your website hosted elsewhere.  Although some experts will tell you that it's okay... I prefer not to do that because I think it blurs the lines between the Internet and your internal domain which could then cause a major security problem.

You should really review the "Your Network" section of the SBS Getting Started Guide (http://sbsurl.com/net101).  And be sure to follow the Getting Started Guide when you rebuild:  http://sbsurl.com/start

Jeff
TechSoEasy
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now