Set up SBS 2011 using router to run DHCP

I am setting up a SBS 2011 Std machine for the very first time; no prior experience setting up a server OS other than Windows Home Server.

When the CTIW runs it sees that I have a router (LINKSYS WRT310n) running DHCP and wants me to disable it on the router. When I click 'Postpone' to doing that, if I try to move forward in setting up the server it tells me I have no internet connection, even though I obviously do.

My main question is: Do I have to let SBS 2011 do DHCP on the network? At this point there are no plans to set up Exchange email on this server, it is basically going to be used in a small office environment as an application and file server. I also have a remote location that will need to access it.

Also, if I must run DHCP on the server, I keep seeing information that it only supports 1 NIC; but wouldn't it need to support 2? 1 for the LAN and 1 for the WAN?
LVL 1
coptechsAsked:
Who is Participating?
 
Brian PierceConnect With a Mentor PhotographerCommented:
Its far better to have SBS do the DHCP - for a start it will give the clients the SBS server as the DHCP server which is essential for you domain to function properly (typically is a pain or impossible to get router based DHCP to do this). Windows hased DHCP also can give out other domain specific info to the clients (such as domain name), and it integrates much better with the other windows domain components.
0
 
CSIPComputingConnect With a Mentor Commented:
And no, you don't need dual NICs any more.

The router acts as a gateway on your internal LAN, rather than the server acting as the gateway, and ISA server doing the routing.

Suggest you follow best practices as KCTS suggests, and let the server sort the DHCP.  
0
 
Cliff GaliherCommented:
Running DHCP on the server has nothing to do with Exchange (although, on a tangent, running SBS 2011 without Exchange is also a recipe for disaster and usually means you are running the wrong product for your needs.)

When DHCP runs on a router such as a consumer router, it's DHCP service is all about getting the connected machines Internet service, nothing more. In a domain environment, a machine needs to know more about the network. Kerberos, the default authentication, for example, is sensitive to time discrepancies to prevent replay attacks, so all machines must be close in clock sync.

The SBS DHCP service knows this and sets several DHCP options that a router would not, and therefore helps prevent common workstation issues. There IS a reason the SBS wizard is stubborn. Don't try to out-think it.

Regarding NICs, SBS 2011 is a LAN only topology designed OS. it dies not proxy ir filter Internet access. You must use a router or (preferably) a business security device for that. So yes, only one NIC is supported, and SBS ahold never have a direct WAN connection.

-Cliff
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
Cliff GaliherCommented:
Running DHCP on the server has nothing to do with Exchange (although, on a tangent, running SBS 2011 without Exchange is also a recipe for disaster and usually means you are running the wrong product for your needs.)

When DHCP runs on a router such as a consumer router, it's DHCP service is all about getting the connected machines Internet service, nothing more. In a domain environment, a machine needs to know more about the network. Kerberos, the default authentication, for example, is sensitive to time discrepancies to prevent replay attacks, so all machines must be close in clock sync.

The SBS DHCP service knows this and sets several DHCP options that a router would not, and therefore helps prevent common workstation issues. There IS a reason the SBS wizard is stubborn. Don't try to out-think it.

Regarding NICs, SBS 2011 is a LAN only topology designed OS. it dies not proxy ir filter Internet access. You must use a router or (preferably) a business security device for that. So yes, only one NIC is supported, and SBS ahold never have a direct WAN connection.

-Cliff
0
 
coptechsAuthor Commented:
I'm all for best practice so I will let the server do DHCP.

So I'll turn off DHCP on the router but still leave the WAN connection plugged in to the router, right?

Some follow up questions:

Most of the clients on the network are static IP's, do I have to/should I change them? Will my routers firewall still protect the network or do I need another piece of hardware or software to be a firewall?
0
 
Cliff GaliherCommented:
It would be best to change them (see above on DHCP Options for why) and a consumer router is rarely adequate network protection for a business. Look at a security appliance such as watchguard, sonicwall, Calyptix, cisco ASA series, or similar. Many security appliances have small business versions.

And apologies fir the double post earlier. iPad is being stubborn about 3G today.

-Cliff
0
 
CSIPComputingCommented:
I would recommend changing those clients to DHCP so you get the benefit of the extra scope options dealt by the server. If the clients MUST stay on a particular IP address, create a DHCP reservation for them.

Assuming you have a good firewall (draytek vigorous 2820n being a favourite of mine) it will protect your network. You also MUST protect workstations from user-invoked attacks (malware etc) by installing business class anti virus throughout.

I'm unsure what you mean by plugging the wan connection into the router... But assuming your router is on the same ip range as your server, and you have only one NIC on the server, plug the server, pcs, router, etc ALL  into the switch, and away you go.
0
 
SuperTacoCommented:
SBS best practice dictates to use the SBS as DHCP
0
 
Brian PiercePhotographerCommented:
Your setup will look something like this
SBS.gif
0
 
D_VanteCommented:
Turn off dhcp on the router
Point your server to the router by giving it a static ip
Verify Internet access
Setup your dhcp on your server
Remember to exclude any static IPs such as printers
Reboot one if your workstations that are dynamic and see if gets the appropriate info
0
 
coptechsAuthor Commented:
Thank you all so very much for your input on this. All of the information will be helpful.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.