Solved

Server 2008 AD - Configuring client on different subnets with DHCP

Posted on 2013-01-14
Last Modified: 2013-01-20
Hi, I hope I can explain my question easily and that it has a simple answer.

I want to create two different subnets for client PCs in a Win2K8 AD network. Each client will log into the network using an AD account. Each subnet will have its own Internet proxy server.

There will be two Win2K8 servers - One AD, DNS, DHCP and the other File, IIS. These will be set up using static addresses on the same subnet.

I want to create two different subnets for two different sets of clients from two different scopes set from the DHCP.

Question:
If the gateway address set on each workstation is the AD server's address then will the server send client requests to FTP and IIS to the correct server (on the different subnet)?

I was going to forward the clients to the correct proxy using Group Policy. Will this create any issues if the clients are in different subnets from the server?

The plan is not to install RRAS.

Any help or links would be appreciated, thank you.
Question by:OsakaKiwi
6 Comments
 
LVL 57

Assisted Solution

by:Pete Long
Pete Long earned 250 total points
I would use a decent switch at the core of your LAN that can do Layer 3 routing (most decent switches can do this).

Create two VLANs, VLAN tag (or trunk if it's a Cisco) to the servers, create an IP helper on the second VLAN (this is done on the switch as well). Enable routing on the switch, make its default route your existing router/firewall, then finally, create your two scopes on the DHCP server.
 

Author Comment

by:OsakaKiwi
Hi, thanks for your answer but unfortunately the instructions are to not install a router. It needs to be configured from within the server and I was told I don't need RRAS.
 
LVL 12

Expert Comment

by:Navdeep
Question:
If the gateway address set on each workstation is the AD server's address then will the server send client requests to FTP and IIS to the correct server (on the different subnet)?

Ans:
Basically your AD server is your DNS as well. Gateway IP would be IP of next hop, i.e. router if your AD acts as gateway (running RRAS), and as long as IP is routable and resolvable you shall be able to access FTP and IIS.

I was going to forward the clients to the correct proxy using Group Policy. Will this create any issues if the clients are in different sub nets from the server?

Ans:
Assuming your proxy configuration is correct. As long as IP is routable and resolvable you shall have no issues.

I hope that helps clarify your doubt.

Regards,
Navdeep [ExchangeADTech]

 

Author Comment

by:OsakaKiwi
Hi, Thanks for your help.

The AD server does not have RRAS but it seems your answer suggests it should in order to route clients to ftp and proxy.

Currently all clients and servers are on the same subnet 192.168.0.0/24. AD is 192.168.0.1 and ftp is 192.168.0.2. There is no routing installed.

I have to create two additional subnets 192.168.1.0/24 & 192.168.2.0/24 but gateway would have to be set to 192.168.0.1.

Can I not do this without a layer 3 switch or RRAS? The information I have been given suggests so but I don't know how.

I have attached a basic diagram based on the info I have been given.
network.jpg
 
LVL 12

Accepted Solution

by:
Navdeep earned 250 total points
Hi,

So servers are on 192.168.0.x
staff on 192.168.1.x
Students on 192.168.2.x

In order for all of them to access each other you would need a layer 3 device (router).

I have to create two additional subnets 192.168.1.0/24 & 192.168.2.0/24 but gateway would have to be set to 192.168.0.1.

This becomes tricky. It will not be easy to get it to work. You need to configure end stations without a gateway and use static routes at OS level using netsh.

If budget is a constraint then you can look into running the open-source BSD-based router pfSense 2.0.2 (on vmware/virtualpc/openbox). It's pretty mature in terms of development and has a lot of useful features.

Regards,
Navdeep [ExchangeADTech]
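
Added example, not part of the original thread: a small Python model of host routing tables that shows why a 192.168.1.x client cannot use 192.168.0.1 as its gateway, and what the no-gateway, static-route approach described in the accepted answer needs on both ends. It assumes all three subnets share one layer-2 segment with no router; the client address 192.168.1.10 and all function names are constructed for illustration.

```python
import ipaddress

FTP = "192.168.0.2"     # FTP server address from the thread
STAFF = "192.168.1.10"  # constructed sample staff client address

def next_hop(routes, dst):
    """Longest-prefix match over (prefix, gateway) routes; gateway None = on-link.
    Returns the address the host would ARP for, or None if it cannot send."""
    dst = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), gw) for p, gw in routes
               if dst in ipaddress.ip_network(p)]
    if not matches:
        return None                      # no route to the destination
    _, gw = max(matches, key=lambda m: m[0].prefixlen)
    if gw is None:
        return dst                       # on-link: ARP for the destination itself
    # A gateway is usable only if an on-link route covers the gateway address.
    gw = ipaddress.ip_address(gw)
    reachable = any(g is None and gw in ipaddress.ip_network(p) for p, g in routes)
    return gw if reachable else None

def can_talk(a_routes, a_ip, b_routes, b_ip):
    """With no router present, each side must resolve directly to its peer."""
    fwd = next_hop(a_routes, b_ip)
    back = next_hop(b_routes, a_ip)
    return fwd == ipaddress.ip_address(b_ip) and back == ipaddress.ip_address(a_ip)

def evaluate():
    server_plain = [("192.168.0.0/24", None)]
    # Return routes the servers would need for both new client subnets.
    server_fixed = server_plain + [("192.168.1.0/24", None),
                                   ("192.168.2.0/24", None)]
    # The asker's plan: client in 192.168.1.0/24 with gateway 192.168.0.1.
    asked = [("192.168.1.0/24", None), ("0.0.0.0/0", "192.168.0.1")]
    # The accepted answer: no gateway, static on-link route to the server subnet.
    static = [("192.168.1.0/24", None), ("192.168.0.0/24", None)]
    return {
        "asked_plan": can_talk(asked, STAFF, server_plain, FTP),
        "client_route_only": can_talk(static, STAFF, server_plain, FTP),
        "routes_on_both_ends": can_talk(static, STAFF, server_fixed, FTP),
    }

if __name__ == "__main__":
    for name, ok in evaluate().items():
        print(f"{name}: {'reachable' if ok else 'unreachable'}")
```

In this model the three subnets share one broadcast domain, so the subnetting separates addressing only and does not isolate staff from student hosts.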
 

Author Closing Comment

by:OsakaKiwi
Thanks guys. It seems then I can't do as I am instructed. I will look at installing RRAS or a router.