Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.
Course Of The Month
5 days, 19 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
SBS2011 box behind router behind modem setup
Posted on 2016-07-29
Your help in setting up an existing sbs server is appreciated.
The background:
We have an sbs server that used to connect directly to either our cable modem or our dsl depending on which had an outage.
Both the cable modem and dsl modem had the same IP address (192.168.0.1) with deco turned off and appropriate ports forwarded to the sbs server which has up address (192.168.0.2)
One day the cable modem hiccuped and dhcp turned itself on which caused havoc with the sbs server so now the server is only on the dsl modem. We can't figure out where the dhcp is on the cable because all settings are the same.
We still want to use both when there is an outage on one, like now that our dsl is down.
How can we set up a router between the sbs server and either modem?
Do we use a router, turn off dhcp, and have the cable modem port forward to the ip address of the router? Then have the router port forward to the sbs server?
If so what IP address do we assign to the router? Do we turn dhcp back on on the cable modem and dsl modem and still port forward to the router?
I'm stumped and your help is appreciated.
The background:
We have an sbs server that used to connect directly to either our cable modem or our dsl depending on which had an outage.
Both the cable modem and dsl modem had the same IP address (192.168.0.1) with deco turned off and appropriate ports forwarded to the sbs server which has up address (192.168.0.2)
One day the cable modem hiccuped and dhcp turned itself on which caused havoc with the sbs server so now the server is only on the dsl modem. We can't figure out where the dhcp is on the cable because all settings are the same.
We still want to use both when there is an outage on one, like now that our dsl is down.
How can we set up a router between the sbs server and either modem?
Do we use a router, turn off dhcp, and have the cable modem port forward to the ip address of the router? Then have the router port forward to the sbs server?
If so what IP address do we assign to the router? Do we turn dhcp back on on the cable modem and dsl modem and still port forward to the router?
I'm stumped and your help is appreciated.
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
3-
2
-
2
7 Comments
Active today
Maybe a stupid question, but if you have to failover from one service to the other, undoubtedly the public facing IP is going to be different. Are you actually manually (or using some dynamic DNS service, e.g. dyndns, dnsmadeeasy, etc.) changing public DNS records to forward traffic through the connection you failed over to?
At any rate, my recommendation is using a link balancer or link aggregator. Alternatively, you could put a router or firewall in between the cable/dsl service(s) and the LAN where the SBS resides. With a Router or Firewall you could connect both your WAN Services and setup some kind of IP SLA to determine when to failover to one circuit of the other. The modems/routers for both service providers should be bridged to allow your firewall/router to be public facing.
Link Balancer option: https://www.barracuda.com/products/linkbalancer/models
- The 230 would be plenty adequate.
For firewalls, their are tons of options. I personally like Cisco products, e.g. Cisco ASA (5506-X would be adequate for your needs).
MO
At any rate, my recommendation is using a link balancer or link aggregator. Alternatively, you could put a router or firewall in between the cable/dsl service(s) and the LAN where the SBS resides. With a Router or Firewall you could connect both your WAN Services and setup some kind of IP SLA to determine when to failover to one circuit of the other. The modems/routers for both service providers should be bridged to allow your firewall/router to be public facing.
Link Balancer option: https://www.barracuda.com/products/linkbalancer/models
- The 230 would be plenty adequate.
For firewalls, their are tons of options. I personally like Cisco products, e.g. Cisco ASA (5506-X would be adequate for your needs).
MO
I could be wrong, but since both of your modems are doing NAT, it sounds like they are both routers. So I am not sure if inserting another router in between (and doing dual NAT?) is beneficial.
You're trying to find out where (on the cable modem) DHCP is enabled? are you able to log into its web interface? Depending on the device, maybe there's an 'Advanced' mode and only there will you see the DHCP option.
If you have a small(ish) network, consider turning DHCP off and assigning manual IPs to all of your devices (computers, printers, etc). (People will probably snarl at this since in a well-designed network, this is nothing but an added complexity).
Either way I'd definitely disable DHCP on both internet devices. Also, your SBS prefers (wants) to be the DNS for your Microsoft domain.
How were your computers getting out to the internet, if your SBS was connected directly to the modem?
You're trying to find out where (on the cable modem) DHCP is enabled? are you able to log into its web interface? Depending on the device, maybe there's an 'Advanced' mode and only there will you see the DHCP option.
If you have a small(ish) network, consider turning DHCP off and assigning manual IPs to all of your devices (computers, printers, etc). (People will probably snarl at this since in a well-designed network, this is nothing but an added complexity).
Either way I'd definitely disable DHCP on both internet devices. Also, your SBS prefers (wants) to be the DNS for your Microsoft domain.
How were your computers getting out to the internet, if your SBS was connected directly to the modem?
Michael Ortega, can you tell us more about this Barracuda Link Balancer? Let's say my primary ISP gave me a few public IPs, and those public IPs are mapping to servers in my DMZ. (Email, FTP, Web, etc).
Now let's say my primary Internet connection goes out and my backup internet kicks in. Now what? Wouldn't all my IP services be down as well?
How do these devices address work, in this scenario?
Now let's say my primary Internet connection goes out and my backup internet kicks in. Now what? Wouldn't all my IP services be down as well?
How do these devices address work, in this scenario?
Active today
The Link Balancer acts as a single device/gateway to trusted resources inside. The rules are setup for forwarding just like any router/firewall. There are ACLs to allow traffic inbound. You would need to bridge the carriers' routers/modems first though.
MO
MO
Michael,
Thanks for your suggestion.
So would this be a correct synopsis?
In my case a dual wan router installed and have both the dsl modem and cable modem bridge mode so that the dual wan router is assigned the IP address by Comcast and ATT respectively. And then configure port forwarding on each wan from within the dual wan router?
In effect I'm combining both modems into one box and controlling the box like I used to control each modem individually?
Is that correct?
In answer to the other questions:
We do use dynamic dns updating at dyn.com to make sure we receive our email etc.
I've tried everything on the cable modem and drilled down every menu to find the dhcp server but no luck. I think the cable modem went crazy with a glitch.
Thanks for your suggestion.
So would this be a correct synopsis?
In my case a dual wan router installed and have both the dsl modem and cable modem bridge mode so that the dual wan router is assigned the IP address by Comcast and ATT respectively. And then configure port forwarding on each wan from within the dual wan router?
In effect I'm combining both modems into one box and controlling the box like I used to control each modem individually?
Is that correct?
In answer to the other questions:
We do use dynamic dns updating at dyn.com to make sure we receive our email etc.
I've tried everything on the cable modem and drilled down every menu to find the dhcp server but no luck. I think the cable modem went crazy with a glitch.
Michael,
A follow up to my comment. If the above I wrote is correct, and my sbs server has a static ip of 192.168.1.2 and is configured to use 192.168.1.1 as the gateway, would the dual wan box have IP address of 192.168.1.1?
I'm trying to confirm that the dual wan router would then take care of balancing the outbound traffic.
If each wan connection would have a different static IP address then that couldn't work well. But I imagine it's the latter.
The barracuda looks good but may be overkill for our 4 person office. CISCO SYSTEMS Gigabit Dual WAN VPN 16 Port Router (RV325K9NA) Looks like it may work AND replace our switch to save space.
A follow up to my comment. If the above I wrote is correct, and my sbs server has a static ip of 192.168.1.2 and is configured to use 192.168.1.1 as the gateway, would the dual wan box have IP address of 192.168.1.1?
I'm trying to confirm that the dual wan router would then take care of balancing the outbound traffic.
If each wan connection would have a different static IP address then that couldn't work well. But I imagine it's the latter.
The barracuda looks good but may be overkill for our 4 person office. CISCO SYSTEMS Gigabit Dual WAN VPN 16 Port Router (RV325K9NA) Looks like it may work AND replace our switch to save space.
Active today
Yes, the Router (dual WAN) would have a single internal IP (192.168.1.1). You could port forward services that you needed on each WAN interface to the inside host 192.168.1.2. Your DynDNS would take care of things like mailflow. I would not recommend aggregating the bandwidth in this case. Instead use the Dual WAN links for failover purposes. Balancing and Aggregating the links will be problematic for traffic coming in and the DynDNS service having to change constantly to deal with the arbitrary way the router sends the traffic out. More enterprise grade equipment would allow you to create routing rules to force certain traffic out a particular service, but like you mentioned in your previous post - that might be overkill for a 4 man office.
MO
MO
Featured Post
ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.
One of a set of tools we're offering as a way to say thank you for being a part of the community.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Suggested Solutions
| Title | # Comments | Views | Activity |
|---|---|---|---|
| PoE Injector and switch | 2 | 52 | |
| IP Jumping | 6 | 70 | |
| How can we use Acrylic Wi-Fi to observe our LAN | 7 | 55 | |
| Samsung Tablet no Internet but does connect to WiFi | 7 | 50 |
Problem Description:
Couple of months ago we upgraded the ADSL line at our branch office from Home to Business line. The purpose of transforming the service to have static public IP’s.
We were in need for public IP’s to publish our web resour…
There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses
Course of the Month5 days, 19 hours left to enroll
734 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.