How do I properly add a secondary DHCP network on a 2003 SBS domain?
Posted on 2010-09-17
Please bear with me as I describe our network. We have a 2003 SBS machine that hosts our network. For years we have been using this primary DHCP network scope:
192.168.1.x/255.255.255.0 with 192.168.1.254 as our gateway (Watchguard Firebox x750e).
We have a lot of networked devices on the LAN now and we wanted to move some of them to their own network. We created a secondary scope on DHCP (192.168.2.1 - 192.168.2.254). We decided move our IP cameras and their host PC to a 192.168.2.x on a 255.255.254.0 subnet. At first, we just added a second NIC to our PC's and set them to that network, and we were able to add them and remote into our 192.168.2.x pc and cameras. We didn't really have a second gateway set up but that didn't seem to be an issue since none of the 192.168.2.x devices needed internet access. We thought it might help to enable the SBS Server's second NIC on the 192.168.2.x network so we did that and plugged it into one of the switches. Then we noticed that a lot of devices tried to grab a 192.168.2.x address and then couldn't reach anything on the network. So, we gave static IP's to those devices back on the 192.168.1.x network.
Here is a basic layout of the starting point of our network:
Barracuda Spam Filter
HP Procurve Switch - SBS SERVER (hostname server1)
Dell Powerconnect Switch/
other servers and PC's (hostnames Trend, Cameras, etc.)
From the HP Procurve, we have fiber going to two different buildings (there will be a third building in the next couple weeks).
In one building we just installed some POE cameras. We have one fiber line going to a transceiver which goes via copper to an unmanaged POE switch. These cameras were programmed on the 192.168.2.x network. However, this building already has a PC, network printers and thin clients, all on the 192.168.1.x network.
Everything seemed to work just fine until we created a virtual 2008 server to host Trend Micro Worry Free Business (advanced). We did this so we could remove Trend Micro from the SBS Server. However before we could remove Trend Micro from SBS, we had to find a way to MOVE the camera host PC over to the new Trend server. At this point I could RDP into the virtual Trend machine. I tried to add a second NIC to that VM for the 192.168.2.x network so that I could move the PC that records the POE cameras. The camera PC did "move" to the Trend server, but I could no longer RDP into that server. I could ping Trend from Cameras (the pc) but could not ping Cameras from Trend. The only way I could log in to Trend was through the VM console.
We plan on buying some more managed POE switches next week if necessary.
I was told that we could enable one of the optional ports on our Watchguard to to be the gateway for our 192.168.2.x network. I can enable it, but I'm not sure how to configure it properly.
If anyone can help guide our network expansion, we would greatly appreciate it. Pleaes let me know if I need to provide any more information.