SBS Server 2003 with one NIC

Posted on 2006-11-16
Last Modified: 2010-04-10

I am looking for some advise .

I have a SBS 2003 server running a network in the following configuration.

Netgear ADSL firewall router (DG834 V2) connected to broadband through DSL phone line and RJ45 connection to a 1GIG SMCGS24 10/100/1000 switch.
The Small Business Server has only one NIC and is connected to the same SMC switch as the router.
10 network PC's are also connected to the switch.

Internet----------->ADSL Router-------> SMC Switch
                                                           |   |
SBS NIC--------------------------------------    |
10 XP PC's NICs---------------------------------

So, the SBS and all the PC's are directly connected to the router through the switch.
I am also allowing remote access through the router for members of the SBS domain to VPN into the network.

I have been told that SBS should really be set up with two NICS where one goes to the router and the other goes to the internal network (1O PC's)?
Will there be any difference in the way the PC's get broadband access compared to getting it through the SBS?
Would I be correct in saying that there will be less control over the broadband access since the PC's are not getting access through the SBS?

Is there are any potential pitfalls with my configuration above that I should review or should I be OK.


Question by:gmoconno
  • 4
  • 3
  • 2
  • +1

Expert Comment

ID: 17955231
in sbs there is an option for 1 nic as we normally put them behind a netscreen and so far havnt had any problems

Accepted Solution

Erutan409 earned 75 total points
ID: 17955615
"Will there be any difference in the way the PC's get broadband access compared to getting it through the SBS?
Would I be correct in saying that there will be less control over the broadband access since the PC's are not getting access through the SBS?"

Depending on the software you have installed on your server, you won't have much control over the access to the Internet if your PC's were connecting to the Internet via your server.  By default, the server software doesn't have built in tools to control access in the way you may want it to, but it does log all of the Internet activity of all of your PC's.  It's pretty useful when I want to see when a user has been using the Internet the most and from any specific day.  You can access these logs by going to "http://YOURSERVERNAME/monitoring".  I would suggest that it would probably be in your favor to setup your PC's to route through your server.,  You don't have to have two NIC's though to do this.  You can point your PC's gateway and DNS IP address to your server and still track your user's Internet activity.

Hope that helps!

Expert Comment

ID: 17955931
I forgot to add, that if you decide either way to install an additional NIC or just use one NIC and route your PC's through your server for Internet activity, that it's recommended that you run the Internet & Email Wizard from the Server Management App on your server to successfully configure your setup.

Assisted Solution

sr1xxon earned 75 total points
ID: 17956975
if you use 1 nic in SBS, you need to put it behind a firewall. This will be fine for outbound, but not for inbound connections.
This is moreso the case if you want to allow inbound access for management, remote desktop or whatever. Not sure if the netgear allows configuration for OpenVPN or the like.. but I'm pretty sure that netgear is a broadband router with basic firewalling (blocks any inbound) - though it has an unprotected DMZ port, this is a far cry from a managed firewall.

SBS does have it's own security stuff integrated, and this only really properly works when it's used with 2 nic's.
There's no way I would allow access to any microsoft server without it being correctly firewalled (and I don't mean by the inbuilt microsoft firewall)

connecting everything directly to the switch, you're relying on the netgear for security. If you connect the pc's to your SBS server (via a switch) and then your SBS to the broadband switch, then your SBS server is being used to manage the clients - this is how it is intended to be deployed.

considering you are using a gigabit switch, your 10 pc's should be fine. your bottleneck will be the broadband connection.

First, get a second nic, reconfigure connection/email as suggested by Erutan409, and be very careful with what you allow for remote access using only your broadband router for protection.

good luck.


Author Comment

ID: 17960178


Thanks to all for feedback. Just a few things.


The netgear router/firewall is not a basic unit. Maybe I'm smoking but it looks prety good to me but what would I know as I'm only making it up as I go along. Please check it out.


All the PC's are auto getting IP's from SBS DHCP service. Does this not mean they will automatically get the Server DNS also?
Scale it in WD Gold

With up to ten times the workload capacity of desktop drives, WD Gold hard drives employ advanced technology to deliver among the best in reliability, capacity, power efficiency and performance.


Expert Comment

ID: 17960437
You can configure your PC's WINS, DNS, and Gateway IP address in your server's DHCP server settings on SBS so that when your PC's obtain their IP address from your server, their Gateway and DNS is configured as well.  You don't have to configure your WINS IP, but I personally recommend it.  You can also specifically assign an IP to each computer based upon their MAC address meaning everytime your users turn on their machines/renews their IP, they will be assigned the same IP everytime.

"All the PC's are auto getting IP's from SBS DHCP service. Does this "NOT" mean they will automatically get the Server DNS also?"

I can't say for sure that your PC's aren't already using your server for DNS and as their gateway to the Internet if they're already retrieving an IP from your server as you mentioned.  Do an IP config from the command prompt on your server and compare your PC's DNS, Gateway and WiNS (if set) IP addresses to your server's IP address.  If they match your server's IP address, since your server only has one NIC, then your PC's are already connecting to the Internet via your server.  If you need more information on what I'm talking about in regards to your DHCP server settings on your SBS server or anything else let me know!

Happy Networking gmoconno :)

Expert Comment

ID: 17963814
hey gmoconno,
as I said, it's primarily a router, with an unrestricted dmz port, and basic firewalling functionality. I've configured that model router.
for outbound access it's fine, but for inbound access controls with no other measures in place, (and directly to a server without using a dmz bypass to an sslvpn or the like) it isn't enough on its own. just my opinion.

interrogating your DHCP service (on SBS) will let you know what services are being allocated. it's preferable to get SBS to do DNS as in that way it will populate its internal DNS server records and make lookups faster for your clients in future.

if SBS has been configured correctly, the clients will be using SBS for IP addressing, DNS and WINS (not to say that external DNS addressing won't work, but you won't get the advantages of integrated management with your SBS server.



Author Comment

ID: 17994791
Thanks Erutan409 and  sr1xxon - I'm gonna increase the points to 150 and split them.

Tim 1731, thanks for taking the time to reply but I can't award any points as there wasn't much detail in your answer to my specific questions.

Expert Comment

ID: 17995430
thx for the points, I hope everything works out for you.

Expert Comment

ID: 17995544
Same here.  Good luck.

Expert Comment

ID: 17995599
ok no problem

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
Internet Business Fax to Email Made Easy - With  eFax Corporate (, you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now