Solved

Server 2008 AD - Configuring client on different subnets with DHCP

Posted on 2013-01-14
Last Modified: 2013-01-20
Hi, I hope I can explain my question easily and that it has a simple answer.

I want to create two different subnets for client PCs in a Win2K8 AD network. Each client will log into the network using an AD account. Each subnet will have its own Internet proxy server.

There will be two Win2K8 servers - One AD, DNS, DHCP and the other File, IIS. These will be set up using static addresses on the same subnet.

I want to create two different subnets for two different sets of clients from two different scopes set from the DHCP.

Question:
If the gateway address set on each workstation is the AD server's address then will the server send client requests to FTP and IIS to the correct server (on the different subnet)?

I was going to forward the clients to the correct proxy using Group Policy. Will this create any issues if the clients are in different subnets from the server?

The plan is not to install RRAS.

Any help or links would be appreciated, thank you.
Question by:OsakaKiwi
Assisted Solution

by:Pete Long
ID: 38774023
I would use a decent Switch at the core of your LAN that can do Layer 3 routing (most decent switches can do this).

Create two VLANs, VLAN TAG (or trunk if it's a Cisco) to the servers, create an IP helper on the second VLAN (this is done on the switch as well). Enable routing on the switch, make its default route your existing router/firewall, then finally, create your two scopes on the DHCP server.

Author Comment

by:OsakaKiwi
ID: 38776110
Hi, thanks for your answer but unfortunately the instructions are to not install a router. It needs to be configured from within the server and I was told I don't need RRAS.

Expert Comment

by:Navdeep
ID: 38776852
Question:
If the gateway address set on each workstation is the AD server's address then will the server send client requests to FTP and IIS to the correct server (on the different subnet)?

Ans:
Basically your AD server is your DNS as well. Gateway IP would be the IP of the next hop, i.e. router if your AD acts as gateway (running RRAS), and as long as the IP is routable and resolvable you shall be able to access FTP and IIS.

I was going to forward the clients to the correct proxy using Group Policy. Will this create any issues if the clients are in different sub nets from the server?

Ans:
Assuming your proxy configuration is correct. As long as IP is routable and resolvable you shall have no issues.

I hope that helps clarify your doubt.

Regards,
Navdeep [ExchangeADTech]

Author Comment

by:OsakaKiwi
ID: 38776890
Hi, Thanks for your help.

The AD server does not have RRAS but it seems your answer suggests it should in order to route clients to ftp and proxy.

Currently all clients and servers are on the same subnet 192.168.0.0/24. AD is 192.168.0.1 and ftp is 192.168.0.2. There is no routing installed.

I have to create two additional subnets 192.168.1.0/24 & 192.168.2.0/24 but gateway would have to be set to 192.168.0.1.

Can I not do this without a layer 3 switch or RRAS? The information I have been given suggests so but I don't know how.

I have attached a basic diagram based on the info I have been given.
network.jpg

Accepted Solution

by:Navdeep
ID: 38776959
Hi,

So servers are on 192.168.0.x
staff on 192.168.1.x
Students on 192.168.2.x

In order for all of them to access each other you would need a layer 3 device (router).

I have to create two additional subnets 192.168.1.0/24 & 192.168.2.0/24 but gateway would have to be set to 192.168.0.1.

This becomes tricky. It will not be easy to get it to work. You need to configure end stations without a gateway and use static routes at OS level using netsh.

If budget is a constraint then you can look into running the open-source BSD-based router pfSense 2.0.2 (on vmware/virtualpc/openbox). It's pretty mature in terms of development and has a lot of useful features.

Regards,
Navdeep [ExchangeADTech]
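
Why clients on 192.168.1.0/24 and 192.168.2.0/24 cannot use 192.168.0.1 as their default gateway, as an added example that is not part of the original thread: a small model of a host's next-hop decision, run over the thread's subnets. The client addresses (.10), the scope names and the corrected gateways 192.168.1.1 and 192.168.2.1 (interfaces on a routing device) are assumptions.

```python
import ipaddress

FTP_SERVER = "192.168.0.2"  # address given in the thread

# Plan as described in the thread: every scope hands out 192.168.0.1 as gateway.
# Client host addresses (.10) are constructed for illustration.
PLANNED = {
    "servers":  {"client": "192.168.0.10/24", "gateway": "192.168.0.1"},
    "staff":    {"client": "192.168.1.10/24", "gateway": "192.168.0.1"},
    "students": {"client": "192.168.2.10/24", "gateway": "192.168.0.1"},
}

# Assumed fix: each client subnet gets a gateway inside its own subnet,
# i.e. an interface of a layer 3 device (router, L3 switch or RRAS host).
CORRECTED = {
    "staff":    {"client": "192.168.1.10/24", "gateway": "192.168.1.1"},
    "students": {"client": "192.168.2.10/24", "gateway": "192.168.2.1"},
}


def next_hop(client_cidr, gateway, destination):
    """Return (status, detail) for how a host would send to destination.

    A host delivers directly to addresses in its own subnet; anything else
    goes to the default gateway, which must itself be in the host's subnet
    so the host can resolve it at layer 2.
    """
    iface = ipaddress.ip_interface(client_cidr)
    dest = ipaddress.ip_address(destination)
    if dest in iface.network:
        return ("on-link", str(dest))
    if gateway is None:
        return ("unreachable", "no default gateway")
    gw = ipaddress.ip_address(gateway)
    if gw not in iface.network:
        return ("unreachable", f"gateway {gw} is not on {iface.network}")
    return ("via-gateway", str(gw))


def audit(scopes, destination):
    """Evaluate every scope in a plan against one destination."""
    return {name: next_hop(s["client"], s["gateway"], destination)
            for name, s in scopes.items()}


if __name__ == "__main__":
    for label, plan in (("planned", PLANNED), ("corrected", CORRECTED)):
        for scope, result in audit(plan, FTP_SERVER).items():
            print(label, scope, *result)
```

A "via-gateway" result only means the client has a usable next hop; the device at that address still has to forward packets between the subnets.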

Author Closing Comment

by:OsakaKiwi
ID: 38797959
Thanks guys. It seems then I can't do as I am instructed. I will look at installing RRAS or a router.
Question has a verified solution.
