xzay1967

Help configuring internal NIC for edge transport server

Hi all, I have two VM environments, one running on VMware (ESXi 5), and the other on Hyper-V. These are both 2008R2 Ent with SP1, and it's one domain with two sites (NY, Chicago). I am prepping for my 70-662 cert, and I am following along with the Train Signal course. NY is on VMware, and Chicago is on Hyper-V. I am a bit puzzled on how to configure the interfaces for the Edge transport server. NY has an IP scheme of 172.16.30.xx, and Chicago is set up with 10.1.2.xx. The external is 192.168.1.xx, and both sites have a dedicated server configured as NAT (RAS) servers to facilitate routing and communication between the sites. I am going to put the edge server in NY. I understand that I need to configure the edge server to sit on the DMZ, and it should have two NIC cards. One NIC should be configured as external (192.168.1.xx) and use an external DNS server, which I will use my ISP and Google's DNS server for. For the internal NIC, can I use the 10.1.2.xx IP scheme, or do I give it a totally different IP scheme and create a route on both NATs? I know I need to add entries to both the edge and the hub transport servers' host file. I am just not clear on what IP I should use on the internal NIC for the edge. I should also point out that I do not have any standalone firewalls, so I am sort of hoping I can accomplish this with the two NATs, and/or maybe there is a software firewall I can use.
ASKER CERTIFIED SOLUTION
David Johnson, CD
xzay1967

ASKER

I hear what you say, but I am still a bit puzzled. As it stands now, with me having the two sites and two NAT servers that communicate back and forth, does that constitute routing? Being able to ping back and forth between both sites, and being able to ping from the edge server to the hubs on either site, does that fall into being able to route as well? Please explain, because I am thinking that if I can't route, then I can't communicate either. Aside from having an actual firewall, I am trying to make this lab setup as realistic as possible to a real-world corporate setup. I know in the real world, businesses are not using Windows servers as NAT, but I don't have the resources for a firewall. I am open to suggestions on that as well, thanks.