Cisco PIX 501 Router, Tunnel VPN Sharing data between 2 Boxes

We have two office using it own SBS 2003 (2 differnet companies) and  access data across Cisco PIX 5x1 tunnel firewall to shares data and also uses on remote access, this was setup by outside IT contractor,

If we upgrade the current box (sbs 2003) to a new box (sbs 2011)

Questions:
Do we need to reconfigure the routers (from both end, same model) since SBS 2011 uses only 1 NIC and the current SBS 2003 has 2 NIC installed/configured!

which other router do you recommend / suggest for two servers to communicate and, does it really necessary to have a Cisco Router on both (like right now) Server in order to remote access and files/data sharing???

thank you!

Slumsum
slumsumAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

shukalo83Commented:
Not sure to understand you. I suppose that you don't need to change any networking thing here if you just update server. Number of NIC's is not of interest. The one NIC that matters has to have the same config as the old one in SBS2003. I reckon that Cisco option for doing tunneling is your safest bet. Of course you can always invest in new stuff but if it works like this don't touch it.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
slumsumAuthor Commented:
There are 2 sbs 2003 box, 2 cisco pix 5x1 routers at two different locations,

they are sharing files/data by type in the run command line at both side., \\192.168.0.5 (sbs with 1 NW card)
sbs with 2 NW card,
\\192.168.1.5 (1st NW card)
\\192.168.1.6 - (2nd NW card)
Also involved remote access rdp - to access licensed applications (SQL/CAD i,e)

if I switch out one box (the one with 2 NICs) with the new box (sbs 2011) has only 1 NIC, do i need to call in cisco IT guy since we are taking out the old box with 2 nic at one location with sbs 2011 with only 1 nic?!

sorry if I confused you even further since I am only work with limited knowledge on this (from cisco router)

thank you!
slumsum

0
Tchase99Commented:
I dont see the importance of the second NIC.  However, if you are using DHCP on your cisco pix it will likely grab a different IP if you swap out the box.   If you are using static, then there is no difference.  Are both NIC's on the single box plugged into the PIX?  Or is the second NIC plugged in somewhere else?
0
MSSPs - Are you paying too much?

WEBINAR: Managed security service providers often deploy & manage products from a variety of solution vendors. But is this really the best approach when it comes to saving time AND money? Join us on Aug. 15th to learn how you can improve your total cost of ownership today!

slumsumAuthor Commented:
we have Static IP(s) - not using DHCP only 1 NIC plugged into the cisco router, the other one plugged into switch

thanks Tchase99

slumsum
0
Tchase99Commented:
Ok, is the switch plugged into the PIX as well?  
0
slumsumAuthor Commented:
Yes, it's!

0
Tchase99Commented:
Ok...I dont see the significance of the second NIC and why it would be plugged into both.  You new PC should run just fine plugged into either the PIX or the switch.  There is the off chance that there could be some corny setup on the PIX.  But you can just test in advance by disconnecting either of the 2 NICs from the switch or the PX.  Make sure you can still access the internal network and the VPN network.   My guess yes...but if not, at least you will know in advance if you need to get assistance.
0
slumsumAuthor Commented:
Tchase99:
I was told (about 2nd NIC)) one NIC for outside VPN and the other for inside LOCAL Shares,  what do you think I need to prepare when the new box get set and connect with only 1 NIC to the cisco router?!

I have to think "hard" about this.... (taking down the whole office only GOD knows how long the down time would be....)

I think alert client's cisco IT contractor is one way to do so cause he has VPN access to the Router,

 it could be meaningless since I am going to switch out the old box but I will do that test maybe during the weekend but I can't confirm VPN or Remote (testing) due tothe  distance between two office is over 2 hours drive as I have to physically be there to test it, Most of the office ladies they are not technically trained

thank you!
0
shukalo83Commented:
I'm afraid that we are giving you misleading advice here.

For the 95% percent of setups 2nd NIC is of no importance. But you emphasize it so much that I double checked all this.
So, you have 2 NICs but on the same subnet. Unless someone was doing something really really strange all you need to know after replacing the server that everyone is accessing the share through one ip address. (You could have both configured on one NIC but I don't see the point)

As a last  test,
From 192.168.1.x location, can you access SBS on both ip addresses (.5 and .6) from machine in 192.168.1.x subnet.

If the answer is yes, then you do not need to worry about replacement.

If the answer is no, then we must troubleshoot further.
0
slumsumAuthor Commented:
shukalo83:
You're so Kind! I doubted it and I am comfortable so far...
I am trying to figure out what would happen if we decommission the box with a new box setup and put to serve as in one nic card or,
Should I just open the new box and install a 2nd nic but I heard that sbs 2011 doesn't like and unhappy with additional nic card

maybe that's my point here and I apologized if I wasted your times and if so, Sorry!

To answer your question, Yes and No!
Yes, Internally - files / network drivers sharing
No, only 1 subnet .6 IP works from outside when accessing data shares between these two boxes in two different locations

Hope I answer your question and thank you for your times on this,

slumsum
0
shukalo83Commented:
Thank you slumslum.

To answer your question, Yes and No!
Yes, Internally - files / network drivers sharing
No, only 1 subnet .6 IP works from outside when accessing data shares between these two boxes in two different locations

This is what I was hoping for.

Internally you can access both NICs (remember I've asked " from machine in 192.168.1.x subnet. ")

From outside, naturally, because of firewall rules on you FW box, outsiders can access 192.168.1.5.

So this is my answer.

I'm 99% sure that you can put your new box and give it 192.168.1.5 address.  Everything from the outside will work instantly. From the inside you have to tell all the "insiders" that share is now on \\1921.68.1.5
If you are reluctant to do so because maybe of mapped network drives, do it like this.

Put the new server and give it 192.168.1.5. In  the advanced settings add new ip address on the same nic and make it 192.168.1.6.

That should be all. I would go for a first option, it's cleaner solution but a tedious one.
Second one is kind a cheat but it will work the same as previous setup. Except for sharing the bandwidth but with one card in place, no way to go around this.

So, just give it a try and do not worry a lot. Ofcource make shure that in the testlab new SBS works as planed with new address.
0
slumsumAuthor Commented:
that's great, thanks for your vote! I will have to run it by my client on staying with the same routers - nothing changes!


Put the new server and give it 192.168.1.5. In  the advanced settings add new ip address on the same nic and make it 192.168.1.6.


I didn't quite understand the technical view from above regarding the same IP address with .5 & .6 for 1 NIC setting?

thank you!

slumsum
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Cisco

From novice to tech pro — start learning today.