DCHMIEL
asked on
second network card problem for terminal server
Hello,
I have three servers but one is taken out of the equation as it is my SQl server and i am leaving it as it is.
So i have a front end server that conncts directly to my Router and the internet. This is my SBS 2003. It has two network cards. A 10.*.*.* for my WAN connection and a 192.*.*.* range for my internal network.
My storage server which is a 2003 server has a 192 Range and thats it. This server will be my terminal server and is already set up as a terminal server.
My problem is that when i remote in from outside my network i cannot gain access to my terminal server.
I have installed another network card and put a 10 range static address. tried to remote in and no connection to terminal server. I brought up a command prompt and tried to ping the 10 range on the SBS server and it times out. It is as if the two cards on the network cant see each other. Both cards go into the same switch.
Please tell me what i am doing wrong?
I have three servers but one is taken out of the equation as it is my SQl server and i am leaving it as it is.
So i have a front end server that conncts directly to my Router and the internet. This is my SBS 2003. It has two network cards. A 10.*.*.* for my WAN connection and a 192.*.*.* range for my internal network.
My storage server which is a 2003 server has a 192 Range and thats it. This server will be my terminal server and is already set up as a terminal server.
My problem is that when i remote in from outside my network i cannot gain access to my terminal server.
I have installed another network card and put a 10 range static address. tried to remote in and no connection to terminal server. I brought up a command prompt and tried to ping the 10 range on the SBS server and it times out. It is as if the two cards on the network cant see each other. Both cards go into the same switch.
Please tell me what i am doing wrong?
Did you add a default gateway that points to ip of the internet router for the interface with the wan connection? If not, add it.
Your switch is not bridging between the 2 networks, you need a router/firewall wich knows about and has access to both networks to do that.
I would recommend the following setup:
internet <-> adsl/cable/etc router <-> router/firewall (if any) <-> external interface sbs (10.x.x.x) <- sbs 2003 -> internal interface sbs (192.x.x.x) <-> switch <-> sotrage and sql server and other internal network computers
you could also have an DMZ, to do this you would define a DMZ ip or ip range on your firewall, preferably on a third network card, and connect the terminal server and the sbs server to this network card (using another switch or hub).
internet <-> adsl/cable/etc router <-> router/firewall (if any) <-> switch <-> internal network
|
|--> dmz switch <-> external interface sbs (10.x.x.x)
|--> storage server
|--> sql server
Hope the drawing survives ...
port forward port 3398 of an external ip address to your terminal server and you should be all set.
allow traffic from your internal network to your sbs server
Your switch is not bridging between the 2 networks, you need a router/firewall wich knows about and has access to both networks to do that.
I would recommend the following setup:
internet <-> adsl/cable/etc router <-> router/firewall (if any) <-> external interface sbs (10.x.x.x) <- sbs 2003 -> internal interface sbs (192.x.x.x) <-> switch <-> sotrage and sql server and other internal network computers
you could also have an DMZ, to do this you would define a DMZ ip or ip range on your firewall, preferably on a third network card, and connect the terminal server and the sbs server to this network card (using another switch or hub).
internet <-> adsl/cable/etc router <-> router/firewall (if any) <-> switch <-> internal network
|
|--> dmz switch <-> external interface sbs (10.x.x.x)
|--> storage server
|--> sql server
Hope the drawing survives ...
port forward port 3398 of an external ip address to your terminal server and you should be all set.
allow traffic from your internal network to your sbs server
--> I have installed another network card and put a 10 range static address. tried to remote in and no connection to terminal server. I brought up a command prompt and tried to ping the 10 range on the SBS server and it times out. It is as if the two cards on the network cant see each other. Both cards go into the same switch.
Are both of the "10" addresses on the same IP subnet?
Do you have a router within your network that can route between the 10 and the 192 network.
What IP subnet are you assigned when you remote in? Do you have a router that routes between that IP subnet and the 192 network.
Are both of the "10" addresses on the same IP subnet?
Do you have a router within your network that can route between the 10 and the 192 network.
What IP subnet are you assigned when you remote in? Do you have a router that routes between that IP subnet and the 192 network.
ASKER
Hi,
Thank you for all the responses.
If i select automatically assign a network IP adress, it assigns a 192 Range. I have made 100% sure that they are on the same subnet. As soon as i apply a 10 Range static IP i cant ping the 10 Range on the server.
What i have a 10.0.0.1 as the router
10.0.0.2 (external Wan card)
192.168.16.30 as the internal Lan Card.
TS = 192.168.16.50 (internal IP)
10.0.0.3 ( new IP i assigned).
If i log onto SBS and terminal server in on 10.0.0.2 it works fine. If i log onto the TS and remote onto 10.0.0.2 it wont connect. They are in the same switch.
I have a DMZ setting on my ROuter. i have tried this on both server IP;s and no luck. I cant ping the 10 Range from the TS either. It is just not seeing each other!
Is there something else i can try. I dont have another internal Router only my one that leads out to the internet.
Thx guys
Thank you for all the responses.
If i select automatically assign a network IP adress, it assigns a 192 Range. I have made 100% sure that they are on the same subnet. As soon as i apply a 10 Range static IP i cant ping the 10 Range on the server.
What i have a 10.0.0.1 as the router
10.0.0.2 (external Wan card)
192.168.16.30 as the internal Lan Card.
TS = 192.168.16.50 (internal IP)
10.0.0.3 ( new IP i assigned).
If i log onto SBS and terminal server in on 10.0.0.2 it works fine. If i log onto the TS and remote onto 10.0.0.2 it wont connect. They are in the same switch.
I have a DMZ setting on my ROuter. i have tried this on both server IP;s and no luck. I cant ping the 10 Range from the TS either. It is just not seeing each other!
Is there something else i can try. I dont have another internal Router only my one that leads out to the internet.
Thx guys
ASKER
Also i have added in the correct default gateways on both cards. thx
ASKER
Just a thought but would Routing and remote access help me at all
"If i select automatically assign a network IP adress, it assigns a 192 Range". Then it is one way or another connected to a port on the 192.x.x.x network. I know you say it is on the same switch, are you sure it has not been changed so that different ports are on different VLAN's??
Do you have a dumb switch / hub you could try to put all three 10.x devices into (or temproarily swap the cable with the SBS server?
RRAS isn;t relevant IMHO.
Steve
Do you have a dumb switch / hub you could try to put all three 10.x devices into (or temproarily swap the cable with the SBS server?
RRAS isn;t relevant IMHO.
Steve
ASKER
Hi,
sorry not quite sure what you mean. I unfortunitly dont have a spare switch to use as a test. And sorry what do you mean temp swop SBS cable.
thx
sorry not quite sure what you mean. I unfortunitly dont have a spare switch to use as a test. And sorry what do you mean temp swop SBS cable.
thx
I mean currently you have a cable going from your router into SBS and you can get to the server over RDP from outside. If you put the same cable into your terminal server 10.x.x port then you will know there is no switch issue there and it should get a 10.x.x.x address or start working for remote access.
if so then your switch must be connected to both network perhaps?
Steve
if so then your switch must be connected to both network perhaps?
Steve
ASKER
oh ok. Its hard to go offline for a bit but i will find a time in the day and try this. Will let you know the outcome. just to clarify then if it works then it would mean the switch must be connected to both networks. If it does not work what would you think it could be?
i will test this however and see where things stand.
Thank you
i will test this however and see where things stand.
Thank you
If you are picking up a 192.x address when connected to it then ultimately it is connected somehow to a dhcp server that is giving out 192.x.x addresses... is that your SBS server or router?
Steve
Steve
ASKER
Hi ,
Still waiting for a go ahead to take off line for a few min. I am not sre but i think my server is dealing out ip's.
Still waiting for a go ahead to take off line for a few min. I am not sre but i think my server is dealing out ip's.
ASKER
Hi,
I have still not had the chance to change the cables. I have however gained some progress. I pluged My terminal server Wan connection to the back of LAN port 2 in the router. Earlier when i tried this did not work but somehow after fiddling around i am able to ping my TS from my SBS on the 10 Range. I can also ping my router 10.0.0.1 from my TS but i cannot ping my internal WAN (10.0.0.X) from my TS. But this has got a lot better.
I have still not had the chance to change the cables. I have however gained some progress. I pluged My terminal server Wan connection to the back of LAN port 2 in the router. Earlier when i tried this did not work but somehow after fiddling around i am able to ping my TS from my SBS on the 10 Range. I can also ping my router 10.0.0.1 from my TS but i cannot ping my internal WAN (10.0.0.X) from my TS. But this has got a lot better.
ASKER
Hi again sorry i feel like i am telling a story lol. Well i have just set the dns on the wan card on the TS WAn port to the router and now i can ping the whole network. seems to include the 10 range too. I have tried to remote in on the TS but still come through on the SBS.
ASKER
Sorry again. i dont seem to be able to ping my WAN card from the TS again but can ping everything else. i can ping the WAn card sitting at my desk but not from the TS. Sorry i knoe the story has change but the last comment of mine can be deleted.
I assume you were pinging by IP.... DNS shouldn't come into it ? You will still need to come into externally using RDP client to your other port (3390 say) which yuou have forwarded through to the new 10.x.x.x address.
ASKER
Hi
i have been using the ping ip's. I now have it again where i can ping everything but still cant gain access through remote desktop via outside my network.
i am thinking i have not got it correct on my Router. I have my SBS server back on 3389 and my terminal on 3390. I can terminal server into my SBS but cant access my TS.
I am having a go at it now but i must have something wrong there. Through this connection will i be able to access either server when it is up and running using a different port or will i be restricted to one server - Dont mind really as long as one works but wanted to know incase i get the one up and i carry on for nothing.
But back to i still cant access my TS
i have been using the ping ip's. I now have it again where i can ping everything but still cant gain access through remote desktop via outside my network.
i am thinking i have not got it correct on my Router. I have my SBS server back on 3389 and my terminal on 3390. I can terminal server into my SBS but cant access my TS.
I am having a go at it now but i must have something wrong there. Through this connection will i be able to access either server when it is up and running using a different port or will i be restricted to one server - Dont mind really as long as one works but wanted to know incase i get the one up and i carry on for nothing.
But back to i still cant access my TS
ASKER
Right this is now 100% the way it is.
I dont know why i was able to ping everything but it seemed like it did not change my IP address properley.
So i am able to ping the 10 subnet on the TS from my SBS. I am able to ping my router from my TS but i am not able to ping my wan card on the sbs. I have connected my Wan cable from the TS to the Router and that is the only way i can ping my TS from my SBS. If i remove it , it wont ping.
I have 4 lan ports at the back of the router. I tried putting an extra cable from router to switch but that did not improve anything.
So it seems that when i try to ping my sbs from TS it does not get passed the router. Sorry for past comments but it is definitly now the way i have just explained this.
I dont know why i was able to ping everything but it seemed like it did not change my IP address properley.
So i am able to ping the 10 subnet on the TS from my SBS. I am able to ping my router from my TS but i am not able to ping my wan card on the sbs. I have connected my Wan cable from the TS to the Router and that is the only way i can ping my TS from my SBS. If i remove it , it wont ping.
I have 4 lan ports at the back of the router. I tried putting an extra cable from router to switch but that did not improve anything.
So it seems that when i try to ping my sbs from TS it does not get passed the router. Sorry for past comments but it is definitly now the way i have just explained this.
What is your router. Have a look at www.portforward.com for instructions on how to configure (I think I posted this in a previous Q). Try a ShieldsUp! scan using http://www.grc.com to check what ports are open from outside.
If you wish send me an email to the address in my profile (click on dragon-it link) with the external IP and ports used and I will try the rdp from here -- I won't be able to get in since no passwords etc. Just to try the access for you.
Steve
Is there any reason why you can't just plug the two devices (TS and SBS) into the two hub/switch ports on your router . I presume the switch you mention involved here is ONLY used for the 10.x address WAN side?
From what I see you should have
Router ------------------
| | |
SBS server TS WAN device switch
| |
LAN SWITCH
|
User PC's
Remind me the model of switch so I can look at the spec.
Steve
From what I see you should have
Router ------------------
| | |
SBS server TS WAN device switch
| |
LAN SWITCH
|
User PC's
Remind me the model of switch so I can look at the spec.
Steve
Sorry I mean model of router.
ASKER
Hi there,
im am tackling this all again. Model of Router is DSL 504T. Thank you. The setup before i even started all the terminal SErver business - was that the sbs WAN connection was already in the port 1 on the router. I have now put the TS in port 2 which is why i can now ping my TS from my SBs but for some reason i cant ping my sbs from TS.
thank you.
im am tackling this all again. Model of Router is DSL 504T. Thank you. The setup before i even started all the terminal SErver business - was that the sbs WAN connection was already in the port 1 on the router. I have now put the TS in port 2 which is why i can now ping my TS from my SBs but for some reason i cant ping my sbs from TS.
thank you.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
YESSSS!!!!! Your a Legend. THANK YOU SO MUCH!!!! I have just tested and all seems ok. I am going home and testing it on my home connection but its looking good. Just wanted to say thank you again and you really know your stuff. Speak to you soon im sure.
Glad we got there in the end. Good luck with it!
Steve
Steve
e.g.
10.0.0.1 router
10.0.0.2 SBS server
10.0.0.3 other server
255.255.255.0 subnet mask
10.0.0.1 default gateway for the two servers
Get the ping working first from server to server or server to / from router then try an RDP from SBS server to the other one using it's 10.x.x.x address and then it should work from outside through your port forward rules.
Post your internal IP's and subnet masks for each 10.x subnet if not sure
Steve
Steve