Are there any problems with setting up a dual homed ( 2 NICs ) terminal server?

I am adding a terminal server to a SBS 2003 network and want to put the terminal server on both the LAN and a private network, behind a hardware firewall just like the current SBS server is today.
Both of the servers are dual homed.  This seem to be a good architecture but I would like to know that someone has it working and can advise of the problems encountered.
ableincAsked:
Who is Participating?
 
IQCompConnect With a Mentor Commented:
It is true that they are not recommended, but I have implemented several multi-homed 2K3 Enterprise servers for a school division.  This was the only way they could go through their proxy filtering system to the WAN.  The only important things I would probably recommend is:

1.  The hosts file on each server should have the IP's of all of the other servers in the domain.
      e.g.  10.10.0.1        domain.com    # DC01
              10.11.0.1        domain.com    # DC02

2.  Binding order:
     Network Connections -> "Advanced" menu -> Select "Advanced Settings..."
     Make sure the binding order is set to have your LAN adapter first followed by the WAN.

3.  Routing - routing the LAN traffic through the WAN interface and vice-versa.

4.  Make sure both subnets are in "Sites and Services"

5.  WAN NIC configuration
     Uncheck "Register this connection's address in DNS" under the DNS tab in the TCP/IP settings.

6.  DNS configuration:  Make sure only 1 address is listed for the A records.
                                     Properties for DNS under the Interfaces, set it so it listens on only the LAN
                                     interface (whatever its IP is).

Hopefully that's helpful enough - can't think of much else.
0
 
firemanf29Connect With a Mentor Commented:
Dual homes systems are never recommended and in almost every case not needed.  They tend to cause issues on domain controllers and DNS servers in particular.  Since you're running SBS I'm assuming the systems are doing both.  If you properly configure the firewall and routers then you should only need one IP address on any internal server.  The only exceptions to this may be web servers but that's more of an IIS topic.  Search EE and you'll find we have lot's of questions about problems with dual homed systems.  In every case the expert recommends reconfiguring the network to eliminate the need for a dual homed server.            
0
 
ableincAuthor Commented:
Thanks for the quick response.
Are you saying that best practice would be to have the router / firewall connected directly to the LAN and use port forwarding to route the SMTP and RDP traffic to the respective server?
The SBS server is currently dual homed and provides added isolation from the Internet using ISA.
 The current Firewall / Router provides for guest access to the internet and only passes SMTP and RWW traffic from the outside to SBS.
I didn't want to further load ISA with all of the Terminal Server traffic although I only expect 5 to 8 users at any one time.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.