Solved

SBS 2003 Standard, 2 NICs, .local and .com domains, and email problems

Posted on 2006-10-31
6
176 Views
Last Modified: 2010-04-19
I am somewhat of a newbie when it comes to setting up DNS entries and configuring Exchange, so please bear with me.

Here is my current setup:

Public IP (static) -> DSL Modem/Router -> NIC 1 (192.168.1.2) -> SBS (DHCP, DNS, Exchange, IIS) -> NIC 2 (192.168.16.2) -> local network

I am able to connect to the net with no problem as well as connecting to the internal website (companyweb).

My domain name (xyz.com) is hosted with GoDaddy and I think I have those DNS records set up properly to point to my public IP address. Here is what they look like:

 A (Host)        
Host      Points To         TTL
@       xxx.xxx.xxx.xxx   3600
      
mail       xxx.xxx.xxx.xxx   3600

CNAMES (Aliases)             
Host      Points To      TTL
www       @               3600
ftp           @               3600

MX (Mail Exchange)             
Priority      Host      Goes To                TTL
0                 mail       xxx.xxx.xxx.xxx    3600

On the Exchange side of things I have this so far:

Server Mgmt -> Advanced Mgmt -> First Organization -> Recipient Policies -> Default Policy -> Properties -> Email Addresses ->

xyz.com (default)
xyz.local
x400

My DNS only has the .local forward lookup zone so far. I need help configuring the rest of it.

If anything else is needed, let me know.

Now, here is what I'm trying to accomplish.

Keep the server as a Gateway, be able to send/receive mail on this box for xyz.com, have the xyz.local and xyz.com domains accessible from the internal side and have xyz.com available to the outside, and be able to connect to the Exchange server from both sides with Macs and PCs.

I have figured out how to connect the Macs to folder shares using SMB, so no problems there.

I would like to keep the set up the way it is with 2 NICs (I guess I just like the physical seperation).

Sam
0
Comment
Question by:indy1979
  • 3
  • 3
6 Comments
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17847095
Your setup is quite normal, except that you should really NOT host a public website (www.xyz.com) on your SBS.  This is truly a major security risk, and if you want to host your own site it's suggested that you do so on a separate server in a DMZ.  However, I'd suggest that you host it in a major hosting facility such as GoDaddy or any other of your choice.

Then...you don't configure DNS manually with an SBS.

You should ONLY use the Configure Email and Internet Connection Wizard (CEICW -- which is linked as Connect to the Internet in the Server Management Console > Internet and Email)

A visual how-to is here:  http://sbsurl.com/ceicw and a full networking overview for SBS is at http://sbsurl.com/msicw

Within that wizard you'll see a "more information" button on each screen that has invaluable help in deciding which options to select.  Be sure to check those out as well.

T
Jeff
TechSoEasy
0
 

Author Comment

by:indy1979
ID: 17852215
Ok, so let's take the external web site out of the picture.

I'm still having trouble with exchange. It is not receiving mail from the internet. I'm on a business DSL line from Bellsouth, so the ports shouldn't be blocked.

I have a user set up (through the Server Management screen) somebody and the email address listed is somebody@xyz.com which is what it's supposed to be.

How do I get Entourage 2004 to connect to this account and download the mail? Mail should be coming directly to my exchange server so I don't need the POP3 connector.

Sam
0
 

Author Comment

by:indy1979
ID: 17854509
Update, got Entourage to connect successfully to the Exchange server. I can send email out, but it is still not receiving from the internet.

Sam
0
Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17854892
WHOAH... I didn't see that coming... it would have been a very good idea to indicate that you were connecting with a Mac for this... since there is a problem with your overall configuration if that's the case.  If you use Macs on your SBS Network, you should not use a .local domain name (instead use something like .lan).  This is because Macs use .local as their internal space which will cause a conflict.

See http://sbsurl.com/mac for complete details.

There are some workarounds... but if this is a new install, I'd suggest you flatten and start over (no way to change a domain on SBS otherwise).  In the long run, you'll be much happier.

Jeff
TechSoEasy
0
 

Author Comment

by:indy1979
ID: 17854958
Ok, thanks for that Jeff. I'll flatten and use another domain name. What kind of issues are there if I were to use my purchased .com name?

Sam
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 125 total points
ID: 17856821
There is no relationship between your internal domain and your Internet domain.  If you use your .com for your Internal domain then you would need to manually configure DNS entries internally in order for computers within your LAN to find your website hosted elsewhere.  Although some experts will tell you that it's okay... I prefer not to do that because I think it blurs the lines between the Internet and your internal domain which could then cause a major security problem.

You should really review the "Your Network" section of the SBS Getting Started Guide (http://sbsurl.com/net101).  And be sure to follow the Getting Started Guide when you rebuild:  http://sbsurl.com/start

Jeff
TechSoEasy
0

Featured Post

Secure Your Active Directory - April 20, 2017

Active Directory plays a critical role in your company’s IT infrastructure and keeping it secure in today’s hacker-infested world is a must.
Microsoft published 300+ pages of guidance, but who has the time, money, and resources to implement? Register now to find an easier way.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the event you manage a Small Business Server 2003, and you are audited for PCI compliance, there are several changes you must make in order to pass the audit. I can take no credit for discovering any of these fixes or workarounds, but there is no…
I’m often asked about newer and larger USB drives connected to SBS2008 and 2011 failing Windows Server Backup vs the older USB drives not failing. As disk space continues to grow and drive technology change SBS2008 and some SBS2011 end up with the f…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question