Solved

Set up SBS 2011 using router to run DHCP

Posted on 2011-09-10
11
1,805 Views
Last Modified: 2013-12-02
I am setting up a SBS 2011 Std machine for the very first time; no prior experience setting up a server OS other than Windows Home Server.

When the CTIW runs it sees that I have a router (LINKSYS WRT310n) running DHCP and wants me to disable it on the router. When I click 'Postpone' to doing that, if I try to move forward in setting up the server it tells me I have no internet connection, even though I obviously do.

My main question is: Do I have to let SBS 2011 do DHCP on the network? At this point there are no plans to set up Exchange email on this server, it is basically going to be used in a small office environment as an application and file server. I also have a remote location that will need to access it.

Also, if I must run DHCP on the server, I keep seeing information that it only supports 1 NIC; but wouldn't it need to support 2? 1 for the LAN and 1 for the WAN?
0
Comment
Question by:coptechs
  • 3
  • 2
  • 2
  • +3
11 Comments
 
LVL 70

Accepted Solution

by:
KCTS earned 250 total points
Comment Utility
Its far better to have SBS do the DHCP - for a start it will give the clients the SBS server as the DHCP server which is essential for you domain to function properly (typically is a pain or impossible to get router based DHCP to do this). Windows hased DHCP also can give out other domain specific info to the clients (such as domain name), and it integrates much better with the other windows domain components.
0
 
LVL 10

Assisted Solution

by:CSIPComputing
CSIPComputing earned 250 total points
Comment Utility
And no, you don't need dual NICs any more.

The router acts as a gateway on your internal LAN, rather than the server acting as the gateway, and ISA server doing the routing.

Suggest you follow best practices as KCTS suggests, and let the server sort the DHCP.  
0
 
LVL 56

Expert Comment

by:Cliff Galiher
Comment Utility
Running DHCP on the server has nothing to do with Exchange (although, on a tangent, running SBS 2011 without Exchange is also a recipe for disaster and usually means you are running the wrong product for your needs.)

When DHCP runs on a router such as a consumer router, it's DHCP service is all about getting the connected machines Internet service, nothing more. In a domain environment, a machine needs to know more about the network. Kerberos, the default authentication, for example, is sensitive to time discrepancies to prevent replay attacks, so all machines must be close in clock sync.

The SBS DHCP service knows this and sets several DHCP options that a router would not, and therefore helps prevent common workstation issues. There IS a reason the SBS wizard is stubborn. Don't try to out-think it.

Regarding NICs, SBS 2011 is a LAN only topology designed OS. it dies not proxy ir filter Internet access. You must use a router or (preferably) a business security device for that. So yes, only one NIC is supported, and SBS ahold never have a direct WAN connection.

-Cliff
0
 
LVL 56

Expert Comment

by:Cliff Galiher
Comment Utility
Running DHCP on the server has nothing to do with Exchange (although, on a tangent, running SBS 2011 without Exchange is also a recipe for disaster and usually means you are running the wrong product for your needs.)

When DHCP runs on a router such as a consumer router, it's DHCP service is all about getting the connected machines Internet service, nothing more. In a domain environment, a machine needs to know more about the network. Kerberos, the default authentication, for example, is sensitive to time discrepancies to prevent replay attacks, so all machines must be close in clock sync.

The SBS DHCP service knows this and sets several DHCP options that a router would not, and therefore helps prevent common workstation issues. There IS a reason the SBS wizard is stubborn. Don't try to out-think it.

Regarding NICs, SBS 2011 is a LAN only topology designed OS. it dies not proxy ir filter Internet access. You must use a router or (preferably) a business security device for that. So yes, only one NIC is supported, and SBS ahold never have a direct WAN connection.

-Cliff
0
 
LVL 1

Author Comment

by:coptechs
Comment Utility
I'm all for best practice so I will let the server do DHCP.

So I'll turn off DHCP on the router but still leave the WAN connection plugged in to the router, right?

Some follow up questions:

Most of the clients on the network are static IP's, do I have to/should I change them? Will my routers firewall still protect the network or do I need another piece of hardware or software to be a firewall?
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 56

Expert Comment

by:Cliff Galiher
Comment Utility
It would be best to change them (see above on DHCP Options for why) and a consumer router is rarely adequate network protection for a business. Look at a security appliance such as watchguard, sonicwall, Calyptix, cisco ASA series, or similar. Many security appliances have small business versions.

And apologies fir the double post earlier. iPad is being stubborn about 3G today.

-Cliff
0
 
LVL 10

Expert Comment

by:CSIPComputing
Comment Utility
I would recommend changing those clients to DHCP so you get the benefit of the extra scope options dealt by the server. If the clients MUST stay on a particular IP address, create a DHCP reservation for them.

Assuming you have a good firewall (draytek vigorous 2820n being a favourite of mine) it will protect your network. You also MUST protect workstations from user-invoked attacks (malware etc) by installing business class anti virus throughout.

I'm unsure what you mean by plugging the wan connection into the router... But assuming your router is on the same ip range as your server, and you have only one NIC on the server, plug the server, pcs, router, etc ALL  into the switch, and away you go.
0
 
LVL 10

Expert Comment

by:SuperTaco
Comment Utility
SBS best practice dictates to use the SBS as DHCP
0
 
LVL 70

Expert Comment

by:KCTS
Comment Utility
Your setup will look something like this
SBS.gif
0
 
LVL 7

Expert Comment

by:D_Vante
Comment Utility
Turn off dhcp on the router
Point your server to the router by giving it a static ip
Verify Internet access
Setup your dhcp on your server
Remember to exclude any static IPs such as printers
Reboot one if your workstations that are dynamic and see if gets the appropriate info
0
 
LVL 1

Author Closing Comment

by:coptechs
Comment Utility
Thank you all so very much for your input on this. All of the information will be helpful.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Suggested Solutions

If you are a user of the discontinued Microsoft Office Accounting 2008 (MSOA) and have to move to a new computer running Windows 8, you will be unhappy to discover that it won't install.  In particular, Microsoft SQL Server 2005 Express Edition (SSE…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now