?
Solved

Server 2008 AD - Configuring client on different subnets with DHCP

Posted on 2013-01-14
6
Medium Priority
?
484 Views
Last Modified: 2013-01-20
Hi, I hope I explain my question easily and has a simple answer.

I want to create two different subnets for client PC's in a Win2K8 AD network. Each client will log into the network using an AD account. Each subnet will have their own Internet proxy server.

There will be two Win2K8 servers - One AD, DNS, DHCP and the other File, IIS. These will be set up using static addresses on the same subnet.

I want to create two different subnets for two different sets of clients from two differnt scopes set from the DHCP.

Question:
If the gateway address set on each workstation is the AD server's address then will the server send client requests to FTP and IIS to the correct server (on the different subnet)?

I was going to forward the clients to the correct proxy using Group Policy. Will this create any issues if the clients are in different sub nets from the server?
 
The plan is not to install RRAS

Any help or links would be appriciated, thank you.
0
Comment
Question by:OsakaKiwi
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 57

Assisted Solution

by:Pete Long
Pete Long earned 750 total points
ID: 38774023
I would use a decent Switch at the core of your LANthat can do Layer 3 routing (most decent switches can do this).

Create two VLANS, VLAN TAG (or trunk if its a Cisco) to the servers, create an IP helper on the second VLAN (this is done on the switch as well). Enable routing on the switch, make its default route your existing router/firewall, then finally, Create your two scopes on the DHCP server.
0
 

Author Comment

by:OsakaKiwi
ID: 38776110
Hi, thanks for your answer but unfortunately the instructions are to not install a router. It needs to be configured from within the server and  I was told I don't need RRAS.
0
 
LVL 12

Expert Comment

by:Navdeep
ID: 38776852
Question:
If the gateway address set on each workstation is the AD server's address then will the server send client requests to FTP and IIS to the correct server (on the different subnet)?

Ans:
Basically your AD server is your DNS as well. Gateway IP would be IP of next hop i.e. router if your AD act as gateway (running rras) and as long as IP is routable and resolvable you shall be able to access FTP and IIS

I was going to forward the clients to the correct proxy using Group Policy. Will this create any issues if the clients are in different sub nets from the server?

Ans:
Assuming your proxy configuration is correct. As long as IP is routable and resolvable you shall have no issues.

I hope that help clarify your doubt.

Regards,
Navdeep [ExchangeADTech]
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:OsakaKiwi
ID: 38776890
Hi, Thanks for your help.

The AD server does not have RRAS but it seems your answer suggest it should in order to route clients to ftp and proxy.

Currently all clients and servers are on the same subnet 192.168.0.0/24. AD is 192.168.0.1 and ftp is 192.168.0.2. There is no routing installed.

I have to create two additional subnets 192.168.1.0/24 & 192.168.2.0/24 but gateway would have to be set to 192.168.0.1.

Can I not do this without layer 3 switch or RRAS?  The information I have been given suggest so but I don't know how.

I have attached a basic diagram based on the info I have been given.
network.jpg
0
 
LVL 12

Accepted Solution

by:
Navdeep earned 750 total points
ID: 38776959
Hi,

So servers are on 192.168.0.x
staff on 192.168.1.x
Students on 192.168.2.x

In order for all of them to access each other you would need a layer 3 device (router).

I have to create two additional subnets 192.168.1.0/24 & 192.168.2.0/24 but gateway would have to be set to 192.168.0.1.

This becomes tricky. It will not be easy to get it work. You need to configure end stations without a gateway and use static routes at OS level using netsh.

If budget is a constrainted then you can look into running opensource bsd based router pfsense 2.0.2 (on vmware/virtualpc/openbox). It's pretty mature in terms of development and have lot of useful features.

Regards,
Navdeep [ExchangeADTech]
0
 

Author Closing Comment

by:OsakaKiwi
ID: 38797959
Thanks guys. It seems then I can't do as I am instructed. I will look at installing RRAS or a router.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

718 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question