Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Set up SBS 2011 using router to run DHCP

Posted on 2011-09-10
11
1,822 Views
Last Modified: 2013-12-02
I am setting up a SBS 2011 Std machine for the very first time; no prior experience setting up a server OS other than Windows Home Server.

When the CTIW runs it sees that I have a router (LINKSYS WRT310n) running DHCP and wants me to disable it on the router. When I click 'Postpone' to doing that, if I try to move forward in setting up the server it tells me I have no internet connection, even though I obviously do.

My main question is: Do I have to let SBS 2011 do DHCP on the network? At this point there are no plans to set up Exchange email on this server, it is basically going to be used in a small office environment as an application and file server. I also have a remote location that will need to access it.

Also, if I must run DHCP on the server, I keep seeing information that it only supports 1 NIC; but wouldn't it need to support 2? 1 for the LAN and 1 for the WAN?
0
Comment
Question by:coptechs
  • 3
  • 2
  • 2
  • +3
11 Comments
 
LVL 70

Accepted Solution

by:
KCTS earned 250 total points
ID: 36516653
Its far better to have SBS do the DHCP - for a start it will give the clients the SBS server as the DHCP server which is essential for you domain to function properly (typically is a pain or impossible to get router based DHCP to do this). Windows hased DHCP also can give out other domain specific info to the clients (such as domain name), and it integrates much better with the other windows domain components.
0
 
LVL 10

Assisted Solution

by:CSIPComputing
CSIPComputing earned 250 total points
ID: 36516678
And no, you don't need dual NICs any more.

The router acts as a gateway on your internal LAN, rather than the server acting as the gateway, and ISA server doing the routing.

Suggest you follow best practices as KCTS suggests, and let the server sort the DHCP.  
0
 
LVL 57

Expert Comment

by:Cliff Galiher
ID: 36516707
Running DHCP on the server has nothing to do with Exchange (although, on a tangent, running SBS 2011 without Exchange is also a recipe for disaster and usually means you are running the wrong product for your needs.)

When DHCP runs on a router such as a consumer router, it's DHCP service is all about getting the connected machines Internet service, nothing more. In a domain environment, a machine needs to know more about the network. Kerberos, the default authentication, for example, is sensitive to time discrepancies to prevent replay attacks, so all machines must be close in clock sync.

The SBS DHCP service knows this and sets several DHCP options that a router would not, and therefore helps prevent common workstation issues. There IS a reason the SBS wizard is stubborn. Don't try to out-think it.

Regarding NICs, SBS 2011 is a LAN only topology designed OS. it dies not proxy ir filter Internet access. You must use a router or (preferably) a business security device for that. So yes, only one NIC is supported, and SBS ahold never have a direct WAN connection.

-Cliff
0
Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

 
LVL 57

Expert Comment

by:Cliff Galiher
ID: 36516710
Running DHCP on the server has nothing to do with Exchange (although, on a tangent, running SBS 2011 without Exchange is also a recipe for disaster and usually means you are running the wrong product for your needs.)

When DHCP runs on a router such as a consumer router, it's DHCP service is all about getting the connected machines Internet service, nothing more. In a domain environment, a machine needs to know more about the network. Kerberos, the default authentication, for example, is sensitive to time discrepancies to prevent replay attacks, so all machines must be close in clock sync.

The SBS DHCP service knows this and sets several DHCP options that a router would not, and therefore helps prevent common workstation issues. There IS a reason the SBS wizard is stubborn. Don't try to out-think it.

Regarding NICs, SBS 2011 is a LAN only topology designed OS. it dies not proxy ir filter Internet access. You must use a router or (preferably) a business security device for that. So yes, only one NIC is supported, and SBS ahold never have a direct WAN connection.

-Cliff
0
 
LVL 1

Author Comment

by:coptechs
ID: 36516714
I'm all for best practice so I will let the server do DHCP.

So I'll turn off DHCP on the router but still leave the WAN connection plugged in to the router, right?

Some follow up questions:

Most of the clients on the network are static IP's, do I have to/should I change them? Will my routers firewall still protect the network or do I need another piece of hardware or software to be a firewall?
0
 
LVL 57

Expert Comment

by:Cliff Galiher
ID: 36516726
It would be best to change them (see above on DHCP Options for why) and a consumer router is rarely adequate network protection for a business. Look at a security appliance such as watchguard, sonicwall, Calyptix, cisco ASA series, or similar. Many security appliances have small business versions.

And apologies fir the double post earlier. iPad is being stubborn about 3G today.

-Cliff
0
 
LVL 10

Expert Comment

by:CSIPComputing
ID: 36516730
I would recommend changing those clients to DHCP so you get the benefit of the extra scope options dealt by the server. If the clients MUST stay on a particular IP address, create a DHCP reservation for them.

Assuming you have a good firewall (draytek vigorous 2820n being a favourite of mine) it will protect your network. You also MUST protect workstations from user-invoked attacks (malware etc) by installing business class anti virus throughout.

I'm unsure what you mean by plugging the wan connection into the router... But assuming your router is on the same ip range as your server, and you have only one NIC on the server, plug the server, pcs, router, etc ALL  into the switch, and away you go.
0
 
LVL 10

Expert Comment

by:SuperTaco
ID: 36517221
SBS best practice dictates to use the SBS as DHCP
0
 
LVL 70

Expert Comment

by:KCTS
ID: 36517376
Your setup will look something like this
SBS.gif
0
 
LVL 7

Expert Comment

by:D_Vante
ID: 36518960
Turn off dhcp on the router
Point your server to the router by giving it a static ip
Verify Internet access
Setup your dhcp on your server
Remember to exclude any static IPs such as printers
Reboot one if your workstations that are dynamic and see if gets the appropriate info
0
 
LVL 1

Author Closing Comment

by:coptechs
ID: 36520404
Thank you all so very much for your input on this. All of the information will be helpful.
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Western Digital 2TB Red Not Being Detected By RAID Card 15 90
Power and BTU ratings calculation 13 86
Dell Server drives 9 67
Setting up RAID5 on HP ProLiant DL380G5 15 71
I work for a company that primarily works with small businesses as their outsourced IT vendor. As such the majority of these customers utilize some version of Small Business Server. Due to the economics of running a small business, many of these cus…
Moving your enterprise fax infrastructure from in-house fax machines and servers to the cloud makes sense — from both an efficiency and productivity standpoint. But does migrating to a cloud fax solution mean you will no longer be able to send or re…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question