fugazer
asked on
Recommended NIC & DCHP for Windows 2003 Server
I'm curious to know what would be the best way to set up my Server.. Currently i have the following configuration
NIC 1:
IP: 192.168.1.2
Subnet: 255.255.255.0
Gateway: 192.168.1.1
DNS: 192.168.1.2
NIC 2:
IP: 10.0.0.110
Subnet: 255.0.0.0
Gateway: 192.168.1.1
DNS: 192.168.1.2
NIC 1 is connected to my linksys router.. The windows box run's DHCP so the linksys DHCP is disabled and it forward all requests to the server. The linksys is mainly used for other machines to connected to the server when people come over to my place..
NIC 2 is functioning as a NAT which 1 computer is connected directly (my mac mini). The reason why my mac is connected to NIC 2 instead of the router is b/c they connect at 1000BaseT..
The DCHP Scope for NIC 1 is:
IP Range: 192.168.1.110 to 192.168.1.130
Router: 192.168.1.1
DNS Server: 192.168.1.2
DNS Domain Name: mydomain
The DHCP Scope for NIC 2 us:
IP Range: 10.0.0.110 to 10.0.0.120
Router 10.0.0.100
DNS Server: 10.0.0.100
DNS Domain Name: mydomain
I also have VPN services enabled on NIC 1 which is using up address 192.168.1.110 to 192.168.1.120 automatically..
I'm not sure if this is the best way of configuring this set up.. I've had problems in the past using the 192.168.1.X address pool for VPN clients trying to connect.. Also, my set up is running 2 subnets which i dont know if thats a good idea either with such a small network.
Anyway, some advice and recommendations would be great.
Ideally when i'm done l'd like users who connect to the linksys router be able to see my mac file shares.. But i've had no luck being able to access my mac from another computer.. However, i was able to connect to a windows machine on the linksys router through my mac (running leopard).. strange.
NIC 1:
IP: 192.168.1.2
Subnet: 255.255.255.0
Gateway: 192.168.1.1
DNS: 192.168.1.2
NIC 2:
IP: 10.0.0.110
Subnet: 255.0.0.0
Gateway: 192.168.1.1
DNS: 192.168.1.2
NIC 1 is connected to my linksys router.. The windows box run's DHCP so the linksys DHCP is disabled and it forward all requests to the server. The linksys is mainly used for other machines to connected to the server when people come over to my place..
NIC 2 is functioning as a NAT which 1 computer is connected directly (my mac mini). The reason why my mac is connected to NIC 2 instead of the router is b/c they connect at 1000BaseT..
The DCHP Scope for NIC 1 is:
IP Range: 192.168.1.110 to 192.168.1.130
Router: 192.168.1.1
DNS Server: 192.168.1.2
DNS Domain Name: mydomain
The DHCP Scope for NIC 2 us:
IP Range: 10.0.0.110 to 10.0.0.120
Router 10.0.0.100
DNS Server: 10.0.0.100
DNS Domain Name: mydomain
I also have VPN services enabled on NIC 1 which is using up address 192.168.1.110 to 192.168.1.120 automatically..
I'm not sure if this is the best way of configuring this set up.. I've had problems in the past using the 192.168.1.X address pool for VPN clients trying to connect.. Also, my set up is running 2 subnets which i dont know if thats a good idea either with such a small network.
Anyway, some advice and recommendations would be great.
Ideally when i'm done l'd like users who connect to the linksys router be able to see my mac file shares.. But i've had no luck being able to access my mac from another computer.. However, i was able to connect to a windows machine on the linksys router through my mac (running leopard).. strange.
ASKER
yup.. 192.168.1.1 is the IP of the linksys router.. Since its a weekday i can't make any changes to the server until the weekend, but have a couple more preparation questions until then.
I don't like how NIC 1 scope is 192.168.X.X... id like to change that IP over to 10.0.1.1, and use the scope 10.0.1.100 - 10.0.1.150..
Then with NIC 2 i'd like the IP to be 10.0.2.1 and change that scope to 10.0.2.100 - 10.0.2.150..
So with that said i have a couple questions:
1) Is that a logical setup for NIC1 and NIC2??
2) If i make those changes i'm assuming that both NIC's will need to be set to -> subnet 255.0.0.0 ?? If thats correct, what are the advantages of having NIC1 and NIC2 on the same subnet?? Are there disadvantaged of my current set up with two subnets??
3) You mentioned that i remove the IP Gateway for NIC 2?? Is this b/c NIC 2 does not connect to the linksys route where the internet is coming fromr?? If that correct, how does NIC 2 know that the internet is coming from 192.168.1.1 ?
I'm a little confused about how the two NIC's mingle with each other..
4) You also mentioned that i remove NAT from RRAS.. Why do you recommend this? I'm very unfamiliar with NAT and it was only set up b/c i couldn't figure out a way to get my mac mini connected right into the server allowing internet, and file sharing..
By removing it, what's going to happen? How does the mac get internet and remained networked to the server?
5) If one day i needed to add a router to NIC2 and connect more machines, will i need NAT again?
thanks for your help
1) If you wan to change NIC1 scope, you would have to change Linksys IP address to be from that scope. Besides that, setup is logical.
2) No, two NICs on ssame server should not be in same subnet, therefore you would have to change mask to 255.255.255.0. Current setup with two subnets is OK, it can be done in many different ways but this one is fine.
3) NIC does not have brain of its own, server makes decisions. Therefore server needs only one default gateway
4) Internally this is routed network and you don't need NAT on internal routers (in this case w2k3 server). NAT, simply said, is used to translate many private IP addresses to one public IP address. Inside your network you don't need that. Only place where you need NAT is on the network edge, towards your internet provider, an that is Linksys router and it probably has it turned on by default. Mac gets internnet this way: it received IP address using DHCP from w2k3 server. It also received default gateway (which is NIC2). Therefore all MAC does is send everything to gateway. W2k3 has default route to Linksys and sends everything to him, linksys knows what to do with it (send it to provider). Now that you asked, you need to add one more thing to above setup, you need to add route for 10.0.0.110 mask 255.0.0.0 subnet to Linksys routing table pointig to NIC1 address (it is necessary because when packets for mac come from outside, linksys needs to know where to direct them)
5) If you want to add more machines behind NIC2, you would add switch, not router. You will not have to change config in any way.
Ask if anything is confusing you .
2) No, two NICs on ssame server should not be in same subnet, therefore you would have to change mask to 255.255.255.0. Current setup with two subnets is OK, it can be done in many different ways but this one is fine.
3) NIC does not have brain of its own, server makes decisions. Therefore server needs only one default gateway
4) Internally this is routed network and you don't need NAT on internal routers (in this case w2k3 server). NAT, simply said, is used to translate many private IP addresses to one public IP address. Inside your network you don't need that. Only place where you need NAT is on the network edge, towards your internet provider, an that is Linksys router and it probably has it turned on by default. Mac gets internnet this way: it received IP address using DHCP from w2k3 server. It also received default gateway (which is NIC2). Therefore all MAC does is send everything to gateway. W2k3 has default route to Linksys and sends everything to him, linksys knows what to do with it (send it to provider). Now that you asked, you need to add one more thing to above setup, you need to add route for 10.0.0.110 mask 255.0.0.0 subnet to Linksys routing table pointig to NIC1 address (it is necessary because when packets for mac come from outside, linksys needs to know where to direct them)
5) If you want to add more machines behind NIC2, you would add switch, not router. You will not have to change config in any way.
Ask if anything is confusing you .
ASKER
so i'd like to change NIC 1 IP over to 10.0.1.1, and NIC 2 IP over to 10.0.2.1
what subnets should i use for each??
what subnets should i use for each??
ASKER
also.. i removed the NAT and now i don't have internet on my mac mini (connected through NIC 2)... when you said "add route for 10.0.0.110 mask 255.0.0.0 subnet to Linksys routing table pointig to NIC1 address", i'm not sure how to do this.. Is this why i have no more internet on my mac mini?
ASKER
I was digging around and i found the Advanced Routing table on the Linksys router.. I tried added the suggested route, but the linksys is giving me an error (**file attached).. i still have no internet..
Picture-2.png
Picture-2.png
ASKER
Well im really confused.. every setting i made was based on assumptions without any real knowledge if i ever set up my server correct in the first place..
I never really was told how i should configure everything (IP's, Subnets, Gateways, DCHP scopes) with 2 NIC cards..
As of now, i broke the internet on NIC 2 by removing NAT, but i understand why i don't need it anymore.. Do i need to set up static routes on RRAS?
What IP's would you recommend i be using for NIC1 and 2??
If you could, instead of patching my current set up, i would like to hear how you would set up my server? Any best practices you could provide me would be great.
I never really was told how i should configure everything (IP's, Subnets, Gateways, DCHP scopes) with 2 NIC cards..
As of now, i broke the internet on NIC 2 by removing NAT, but i understand why i don't need it anymore.. Do i need to set up static routes on RRAS?
What IP's would you recommend i be using for NIC1 and 2??
If you could, instead of patching my current set up, i would like to hear how you would set up my server? Any best practices you could provide me would be great.
OK, first to fix things:
On screenshot you provided try this:
Destination IP: 10.0.0.110
Subnet mask: 255.0.0.0
Default gateway: 192.168.1.2
or if it doesn't accept it, try these values:
Destination IP: 10.0.0.0
Subnet mask: 255.0.0.0
Default gateway: 192.168.1.2
Let me know if it works.
Next, how it should be done:
You have very small network so there is no real need for two subnets. If you need gigabit connection between mac and server, get a gigabit switch, connect mac and servert to it and connect switch to linksys.
When you have only one subnet behind linksys, setup is quite simple: enable dhcp on linksys (leave default values); disconnect NIC2 from server; disable RRAS, DNS and DHCP on server; keep current static address on NIC1 (change only DNS to 192.168.1.1); assign static address to mac (IP:192.168.1.3, mask 255.255.255.0; def.gateway:192.168.1.1, DNS: 192.168.1.1).
This way linksys is doing everything, you have server and mac with static addresses and everyone else will get IP config from dhcp.
On screenshot you provided try this:
Destination IP: 10.0.0.110
Subnet mask: 255.0.0.0
Default gateway: 192.168.1.2
or if it doesn't accept it, try these values:
Destination IP: 10.0.0.0
Subnet mask: 255.0.0.0
Default gateway: 192.168.1.2
Let me know if it works.
Next, how it should be done:
You have very small network so there is no real need for two subnets. If you need gigabit connection between mac and server, get a gigabit switch, connect mac and servert to it and connect switch to linksys.
When you have only one subnet behind linksys, setup is quite simple: enable dhcp on linksys (leave default values); disconnect NIC2 from server; disable RRAS, DNS and DHCP on server; keep current static address on NIC1 (change only DNS to 192.168.1.1); assign static address to mac (IP:192.168.1.3, mask 255.255.255.0; def.gateway:192.168.1.1, DNS: 192.168.1.1).
This way linksys is doing everything, you have server and mac with static addresses and everyone else will get IP config from dhcp.
ASKER
I was able to change the Advanced Routing to:
Destination IP: 10.0.0.0
Subnet: 255.0.0.0
Gateway: 192.168.1.2
and sure enough it worked.. I did the same setting yesterday, except i used gateway 192.168.1.1... Changing the gateway was the key..
But one thing though, i don't understand why it worked.. Could you shed some light on that??
I really want to get NIC 1 off the 192.168.1.X range.. could i change it to something similar to NIC 2 configuration??
Destination IP: 10.0.0.0
Subnet: 255.0.0.0
Gateway: 192.168.1.2
and sure enough it worked.. I did the same setting yesterday, except i used gateway 192.168.1.1... Changing the gateway was the key..
But one thing though, i don't understand why it worked.. Could you shed some light on that??
I really want to get NIC 1 off the 192.168.1.X range.. could i change it to something similar to NIC 2 configuration??
ASKER
Also of priority, i can't seem to connect to my web development server or reach the linksys control panel from the mac mini now that the above changes have been made.. So the internet works now, but i can't reach anything else..
the development server IP = 192.168.1.2
the linksys control panel IP = 192.168.1.1
Both of these cannot be reached or pinged from the mac mini on NIC 2... The development server is also running on port 8080.
the development server IP = 192.168.1.2
the linksys control panel IP = 192.168.1.1
Both of these cannot be reached or pinged from the mac mini on NIC 2... The development server is also running on port 8080.
ASKER
Can anyone shed some light on fixing my set up? Please refer to my current problem posted ID: 22234240..
Ok, first to shed some light: when linksys has packets that are supposed to go to mac (or anyone else on 10.0.0.0 subnet), what should it do with them: send them to w2k3 server. So, gateway is NIC1 (192.168.1.2).
Now, lets see what is wrong. first, can you attach mac mini directly to one of free linksys ethernet ports and try accessing linksys IP and development server.
Now, lets see what is wrong. first, can you attach mac mini directly to one of free linksys ethernet ports and try accessing linksys IP and development server.
ASKER
Yup.. i can connect directly to the LInksys router and successfully access the development server and Linksys IP..
The w2k3 server also has DNS installed if that helps.. Seems that we need to get machines (mac mini) on NIC 2 being able to access of development server on NIC1. What should we do next?
The w2k3 server also has DNS installed if that helps.. Seems that we need to get machines (mac mini) on NIC 2 being able to access of development server on NIC1. What should we do next?
ASKER
Should i use a Windows Network bridge?? Are there pro's and con's to this? If network bridge is appropriate what settings do you recommend?
If i bridge these networks together i'd like to get off the 192.168.1.X scope so people dialing into our VPN get an address that is sure not to conflict with their home routers..
If i bridge these networks together i'd like to get off the 192.168.1.X scope so people dialing into our VPN get an address that is sure not to conflict with their home routers..
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
This can be done in several ways, but let's try this one:
Server NIC1: OK
Server NIC2: IP 10.0.0.100, delete default gateway (leave blank)
DHCP scope 1: Router 192.168.1.2
DHCP scope 2: OK
Also, you have to remove NAT from RRAS on W2k3 server (delete all interfaces from NAT/BasicFirewall)