Reconfigure Small Business Network

I inherited a small business network that I would like to reconfigure (See Image).

Basically, they had the SBS Server set up as the frontend for the network.  I would like to put the server behind a gigabit router, and create a backbone between the server, NAS, and workstation switch.

Question is: what do I need to do to the SBS server and to the router to have everything working?  Everything = self-hosted email (Exchange), VPN, and everything else Windows seems to need to make it work.  I know I'll have to set up port forwarding on the router to point to the server, but I feel like I'm missing something, and I'm not sure how SBS server is going to like being moved.

I've been told to use DHCP on the server still, and have no problem with that.

I've researched this for a month on the internet and read the SBS2003 Administrator's Companion, but still feel like I'm missing something.

If you need more information, just reply.  I'll be here all day and I'll check this throughout the weekend.
Network-Diagram.png
theodorejsalvoAsked:
shauncroucherCommented:
This is pretty straightforward really.

The bit you are missing is once you have moved the server, disable the second NIC card and then re-run the Internet Configuration Wizard and specify you only have 1 network card. This will reconfigure it all for you.

Port forward 25 (if you use SMTP inbound), 443 (for OWA) and 1723 with IP GRE (if you are using PPTP VPN termination)

Shaun
0
theodorejsalvoAuthor Commented:
Quick Follow-Up: in the DHCP settings, what do I configure the Default Gateway as, the SBS server or the router?
0
shauncroucherCommented:
Router, as the server will no longer be able to route anything because it will only have one interface.

Shaun
0
Mr_GrumpyCommented:
Is this SBS2003 Standard or Premium (with ISA)? If you have ISA 2004, you may have issues with a single nic & best practise (on SBS2003 Premium) is to use 2 nics.
0
shauncroucherCommented:
Actually I believe the official line is 2 NIC is the best practice for either flavour. Both will work fine with a single NIC however. It's just a matter of choice.

If you have premium, remove local ISA firewalls from client PCs and then uninstall ISA from server. Internet configuration wizard auto prompts after this if I remember correctly.

Shaun
0
theodorejsalvoAuthor Commented:
It is standard.  With a 2 NIC configuration on the server, can I set the server to be a gateway?  See my diagram above, I need the workstations to have access to the NAS, and I want the NAS, router, server, and switch to be gigabit (one port on switch is gigabit).
0
shauncroucherCommented:
Yes, but surely that would just be the same as what you have now?

The second diagram is fine providing the dlink router is actually just a DSL router with inbuilt switch ports. You wouldn't want the SBS on another network for example, but those small business 'routers' are actually switches with a DSL and fastethernet interface!

Shaun
0
theodorejsalvoAuthor Commented:
@shauncroucher: Precisely.  And yes to the D-Link Router.
0
ConchCrawlCommented:
IMO, I don't see any benefit of moving the NAS and SBS to the router. I would place the nas and sbs server on the switch and connect the dlink router to the switch and isp. I see no advantage in the configuration you are trying to setup. I'm not saying you can't do it but I wouldn't consider it to be a normal configuration.
You need to also make sure the dlink dhcp service is turned off as the SBS server will want to be the dhcp server and everyone else will be also. You need to run the dhcp wizard if not already, this normally by default.
Yes, please disable the second nic. Make sure SBS is pointed to itself for dns and the gateway is the router, this is also the way you would configure dhcp for the workstations. You would also configure the nas the same way.
Sounds like some manual configuration may have gone on before you got there.
Hope this is helpful and if you need further clarification on any of the steps above or I have misunderstood something please don't hesitate to elaborate.  
0
bitMASTERSCommented:
I agree, connect SBS and NAS to the switch and not directly to the router.  Use the router ip as the gateway.  In fact reconfigure the router to use the same subnet as what the SBS was using before i.e. if your SBS was 192.168.1.2 then set your router's lan interface to 192.168.1.1 and also disable DHCP on the router so SBS will be your DHCP server (I set my routers to x.x.x.1 for consistency but you can use any available ip in the subnet).  If you use a different subnet than originally configured on the SBS you may have to manually configure DNS and/or DHCP so save yourself some extra work.  Rerun the connection wizard for one NIC.  On the router, open ports 80, 443, 3389 (if you want to manage remotely using RDP--also make sure each workstation has Remote Desktop enabled so you could manage every computer on the net), 25, 444 (if you want to access SharePoint externally) and 4125 (Remote Web Workplace) on the router and forward to 192.168.1.2 (or whatever ip you assigned to the server).  I never open up 1723 as recommended previously because that opens up additional security issues for those who connect via VPN.  Just have them use Remote Web Workplace, it's more secure and you can accomplish more, more efficiently.  When you migrate to SBS 2008, this is the recommended topology (one nic, DHCP server and router is the gateway).  Once you get it set up, you will have some additional work to get email configured properly.  You will need to decide whether you are going to use your ISP as a smart host or whether you will use DNS for delivering mail.  I prefer the latter but it takes a little more effort including setting up reverse DNS.  You will also want to set an SPF record.  You can check your server after it's configured using the tools at mxtoolbox.com.  I also highly recommend configuring IMF on the server as well as RBLs.  That will cut your spam intake.  More detail available on that but that's really another subject. Good luck and have fun!
0
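A consistency check for the single-NIC layout described in this thread (router as gateway, SBS as DHCP and DNS server, router DHCP off, forwards pointing at the server), added here as an example and not written by any participant. The plan dictionary, its field names and the sample values are constructed; the addresses follow the 192.168.1.x example above.

```python
import ipaddress

# Ports named in this thread for an SBS 2003 server behind a NAT router.
THREAD_PORTS = {25: "SMTP", 80: "HTTP", 443: "HTTPS/OWA", 444: "SharePoint",
                1723: "PPTP VPN", 3389: "RDP", 4125: "Remote Web Workplace"}

def audit_plan(plan):
    """Return findings for a single-NIC SBS layout; an empty list means consistent."""
    findings = []
    lan = ipaddress.ip_network(plan["lan"])
    router = ipaddress.ip_address(plan["router_ip"])
    server = ipaddress.ip_address(plan["server_ip"])
    static = (("router", router), ("server", server))
    for name, addr in static:
        if addr not in lan:
            findings.append(f"{name} {addr} is outside {lan}")
    if router == server:
        findings.append("router and server share an address")
    if plan["router_dhcp_enabled"]:
        findings.append("router DHCP is on; it will compete with the SBS DHCP server")
    scope = plan["dhcp_scope"]
    if ipaddress.ip_address(scope["gateway"]) != router:
        findings.append("DHCP default gateway should be the router")
    if ipaddress.ip_address(scope["dns"]) != server:
        findings.append("DHCP DNS server should be the SBS server")
    first = ipaddress.ip_address(scope["start"])
    last = ipaddress.ip_address(scope["end"])
    for name, addr in static:
        if first <= addr <= last:
            findings.append(f"static {name} address {addr} is inside the DHCP range")
    for port, target in plan["forwards"].items():
        if ipaddress.ip_address(target) != server:
            findings.append(f"port {port} forwards to {target}, not the server")
        if port not in THREAD_PORTS:
            findings.append(f"port {port} is exposed but is not a port named in the thread")
    return findings

# Constructed sample plan with deliberate mistakes.
SAMPLE = {
    "lan": "192.168.1.0/24", "router_ip": "192.168.1.1", "server_ip": "192.168.1.2",
    "router_dhcp_enabled": True,
    "dhcp_scope": {"start": "192.168.1.10", "end": "192.168.1.200",
                   "gateway": "192.168.1.2", "dns": "192.168.1.2"},
    "forwards": {25: "192.168.1.2", 443: "192.168.1.2", 8080: "192.168.1.50"},
}

if __name__ == "__main__":
    for finding in audit_plan(SAMPLE):
        print("FINDING:", finding)
```
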
shauncroucherCommented:
The design you have given is the best one for your scenario, if you attach the SBS and NAS to the switch they will have limited bandwidth (100mbps each) as you say you only have 1 gigabit port that you can use to uplink to the dlink.

As I explained, the dlink is really another switch and if this has gigabit, then you are best to plug the SBS and NAS into it to make use of the bandwidth.

There is nothing unusual about this design and makes best use of your bandwidth.

Shaun
0
bitMASTERSCommented:
Here's why I wouldn't (and don't plug my servers or NAS devices in to routers).  When you need to restart your router (and believe me you surely will several times over its life time) you have to log everyone off otherwise you disconnect them.  That's a pain.  If you have your router connected only to the switch you could reconfigure or reboot it without affecting network connectivity.

Using D-Link, you don't have a lot invested so if network performance is an issue then invest in a gigabit switch and put everyone on gigabit. They are relatively cheap these days--especially D-Link.

If you don't want to increase your network speed up to 10 fold by adding a gigabit switch then my recommendation still stands.  I don't believe there is any benefit of a gigabit router unless it's connected to one or more additional gigabit routers for segmenting purposes.  In a standalone situation like yours, yes you can connect your server to the gigabit port but you are still communicating with the workstations at 100MB.  I submit you won't see any meaningful performance differences.
0
shauncroucherCommented:
Another Gigabit switch would be ideal, but given the choice you have I'd hook SBS and NAS to the switchports on the router as you will benefit from the throughput. It's true that if you need to reboot the router, connectivity to the server will go down for a minute or so, but you shouldn't have to reboot it all that often and for small business, it's not always a big issue. I agree if you can purchase a second gig switch, that would be the optimal configuration for you as it will negate this issue.

Choice is yours I guess, just bear in mind that if the SBS and NAS are plugged into a Gig port they will be able to provide much higher levels of throughput to your 100mbps devices. Even if only the SBS and NAS are at a gig, for data transfer, you will have 1000mbps to provide across your users, so you will notice a difference.

Shaun
0
ConchCrawlCommented:
Default scenario, it is always the cheapest, quickest, and easiest fix you can do for your network, but a gigabit switch, geez :-).
0
theodorejsalvoAuthor Commented:
It's not just the gigabit switch--it's the interface cards that go with it (and despite my graphic it's not just 3 workstations either!)

I'm working on changing now, hopefully will award points on Monday pending any hiccups.  Thanks!
0
ConchCrawlCommented:
Most if not all workstations and servers in the last several (at least five) years already come with GB cards ;-).
0
ConchCrawlCommented:
Besides, even if there are workstations still using 100mb nic's they will still benefit with the servers and everyone else on a 10 lane highway vs a one lane highway, they'll just be driving on the outside lane :-).
Just this week I had a very similar problem, this problem had been going on for months, I replaced a 100mb 48 port and 24 port switch that was connected with fiber. Within the hour it took me to replace the switches with GB's everyone was like wow my excel, quickbooks, internet, and anything else was popping up much faster. End of my problems :-).
The funny thing is I used to hear the same arguments back when 10mb hubs were the standard and the new standard was 100mb switches :-). Some things never change. Trust me it was a harder sell than spending a couple hundred bucks on a GB switch.
Hope this helps
0
bitMASTERSCommented:
Well said Conch. It sounds like most of us are in agreement. Plug in everything in to the switch. Preferably you are able to upgrade it to gigabit but if not your topology is set when you are ready to do it.  Good Luck!
0
theodorejsalvoAuthor Commented:
That...was WAY too easy!

I configured the router, ran ICW on the server, switched the wires...and it works!

Thanks all, assigning points now...
0