ctsuhako
asked on
SBS 2003 - Switch From 2 NICs To 1 Nic
Network Information:
T1--Cisco 2620 Router (Public IP 65.xxx.xxx)--Sonicwall TZ 170 Firewall (Public IP 65.xxx.xxx.xxx)--Dual Homed SBS 2003 Server (Public IP 65.xxx.xxx.xxx, Private IP 10.xxx.xxx.xxx)--SBS Network. There is also a Barracuda Web Filter that sits between the Internal NIC and the switch that connects the inside PCs. No ISA. MX record points to the SBS Public IP with the name of mail.domaincom. Network runs fine
We want to use the Barracuda Spam Filter in our network and it would need to have an internal IP address to do the filtering after which it would pass the email along to our Exchange server on SBS. The Sonicwall is configured in Transparent Mode and only has a public IP address and is not aware of the internal network. From my understanding, with a hardware firewall like the Sonicwall, the 2 NIC configuration is not necessary. I would like to change over to the following scenario:
T1--Cisco 2620 Router (Public IP 65.xxx.xxx)--Sonicwall TZ 170 Firewall (Public IP 65.xxx.xxx.xxx, Private IP 10.xxx.xxx.xxx)--Single NIC SBS 2003 Server (Private IP 10.xxx.xxx.xxx)--SBS Network (which would contain both Barracudas).
I would assume that I would then configure the Sonicwall to forward all Port 25 requests to the Barracuda Spam Filter which would then forward to the Exchange server. Also, we use RWW, OWA, VPN so I guess I would also forward that traffic.
If this is correct what would the process be to move from the 2 NIC configuration to the 1 NIC configuration? Do I disable the Public NIC and then rerun CEICW? I want to be very careful here as I don't want to hose everything up :).
Thank you!
T1--Cisco 2620 Router (Public IP 65.xxx.xxx)--Sonicwall TZ 170 Firewall (Public IP 65.xxx.xxx.xxx)--Dual Homed SBS 2003 Server (Public IP 65.xxx.xxx.xxx, Private IP 10.xxx.xxx.xxx)--SBS Network. There is also a Barracuda Web Filter that sits between the Internal NIC and the switch that connects the inside PCs. No ISA. MX record points to the SBS Public IP with the name of mail.domaincom. Network runs fine
We want to use the Barracuda Spam Filter in our network and it would need to have an internal IP address to do the filtering after which it would pass the email along to our Exchange server on SBS. The Sonicwall is configured in Transparent Mode and only has a public IP address and is not aware of the internal network. From my understanding, with a hardware firewall like the Sonicwall, the 2 NIC configuration is not necessary. I would like to change over to the following scenario:
T1--Cisco 2620 Router (Public IP 65.xxx.xxx)--Sonicwall TZ 170 Firewall (Public IP 65.xxx.xxx.xxx, Private IP 10.xxx.xxx.xxx)--Single NIC SBS 2003 Server (Private IP 10.xxx.xxx.xxx)--SBS Network (which would contain both Barracudas).
I would assume that I would then configure the Sonicwall to forward all Port 25 requests to the Barracuda Spam Filter which would then forward to the Exchange server. Also, we use RWW, OWA, VPN so I guess I would also forward that traffic.
If this is correct what would the process be to move from the 2 NIC configuration to the 1 NIC configuration? Do I disable the Public NIC and then rerun CEICW? I want to be very careful here as I don't want to hose everything up :).
Thank you!
Last Comment
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
OK, you can leave this open until then if you wish.
ASKER
Tigermatt:
One quick question before I take the plunge this weekend. The public NIC card in the SBS (IP 65.xxx.xxx.20) is currently listed by Sprint's DNS servers as pointing to mail.domain.com. I am correct in assuming that instead of changing our MX records it would be easier to change the public IP of the Sonicwall (currently 65.xxx.xxx.18) to 65.xxx.xxx.20? Thanks!
One quick question before I take the plunge this weekend. The public NIC card in the SBS (IP 65.xxx.xxx.20) is currently listed by Sprint's DNS servers as pointing to mail.domain.com. I am correct in assuming that instead of changing our MX records it would be easier to change the public IP of the Sonicwall (currently 65.xxx.xxx.18) to 65.xxx.xxx.20? Thanks!
Correct, and then just ensure there is an exception in the firewall to forward traffic on ports 25, 80 and 443 which arrives on 65.xxx.xxx.20 to the new internal IP of the SBS.
-tigermatt
-tigermatt
And, by the way, good luck. :-)
ASKER
Thanks! Will let you know the outcome.
ASKER
tigermatt:
Worked like a charm! Thanks!
Worked like a charm! Thanks!
Brilliant, thanks a lot!
SBS
Small Business Server (SBS) is a line of server operating systems targeted at small businesses by bundling the operating system with a number of other Microsoft products that would normally need to be purchased or licensed separately. The most notable inclusions are Exchange, SQL Server, SharePoint and ISA/TMG (Microsoft's firewall and proxy server).
59K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
ASKER