ip addressing and internet access sbs 2003 r2

[jdfinch2]

when i set up this sbs 2003 server for the first time it was attached to a dsl modem for internet access no email or iis uses, with exspantion we moved to a t1 with a static ip attached to a cisco 1841 the router has an ip address of xxx.xxx.xxx.205 and that is just a pass throught for the servers external ip of xxx.xxx.xxx.206 and a server internal address if 192.168.1.1. now i seems to have a bottleneck for internet access at the server.

can i reporpose the router first set it's external address of xxx.xxx.xxx.205 it's internal address 192.168.1.? set the sbs server to one network adapter ip address 192.168.1.1
and set up the router with firewall and port fowarding. would this take the internet load off the server second could i set the second network addapter on the sbs 2003 box to uses xxx.xxx.xxx.206 so that i don't have to change the external hosted dns from its current xxx.xxx.xxx.206 to 205

internal dns on the server is for a .local domain

 

[Lanwench [MVP - Exchange]]

[crossposting to the SBS group]


jdfinch2 wrote:
> when i set up this sbs 2003 server for the first time it was attached
> to a dsl modem for internet access no email or iis uses, with
> exspantion we moved to a t1 with a static ip attached to a cisco 1841
> the router has an ip address of xxx.xxx.xxx.205 and that is just a
> pass throught for the servers external ip of xxx.xxx.xxx.206 and a
> server internal address if 192.168.1.1. now i seems to have a
> bottleneck for internet access at the server.
>
> can i reporpose the router first set it's external address of
> xxx.xxx.xxx.205 it's internal address 192.168.1.? set the sbs server
> to one network adapter ip address 192.168.1.1
> and set up the router with firewall and port fowarding. would this
> take the internet load off the server second could i set the second
> network addapter on the sbs 2003 box to uses xxx.xxx.xxx.206 so that
> i don't have to change the external hosted dns from its current
> xxx.xxx.xxx.206 to 205
>
> internal dns on the server is for a .local domain

I don't know what you mean by "take the internet load off the server" ...
unless you're using ISA (which you don't mention) nobody's going through the
server to get to the Internet. And unless you're using ISA you shouldn't use
two NICs (it adds complexity and gives you little in return). Make sure the
Cisco's firewall is enabled, and leave its internal IP address as
192.168.1.1 (or whatever you want to use). Disable the 2nd NIC in your SBS
box, and rerun the CEICW to set the remaining NIC to an address in the
192.168.1.0 network. In SBS you need to use the wizards for everything if
you want it to run properly. You should be good to go.

Regarding your public DNS, you will need to make sure the IP address(es)
specified in your A record(s) are correct, of course - whatever the public
interface or one-to-one NAT is.

 

[Ace Fekay [MCT]]

"jdfinch2" wrote in message
news:jdfinch2.3z20ff@news.home.local...
>
> when i set up this sbs 2003 server for the first time it was attached to
> a dsl modem for internet access no email or iis uses, with exspantion we
> moved to a t1 with a static ip attached to a cisco 1841 the router has
> an ip address of xxx.xxx.xxx.205 and that is just a pass throught for
> the servers external ip of xxx.xxx.xxx.206 and a server internal address
> if 192.168.1.1. now i seems to have a bottleneck for internet access at
> the server.
>
> can i reporpose the router first set it's external address of
> xxx.xxx.xxx.205 it's internal address 192.168.1.? set the sbs server to
> one network adapter ip address 192.168.1.1
> and set up the router with firewall and port fowarding. would this take
> the internet load off the server second could i set the second network
> addapter on the sbs 2003 box to uses xxx.xxx.xxx.206 so that i don't
> have to change the external hosted dns from its current xxx.xxx.xxx.206
> to 205
>
> internal dns on the server is for a .local domain
>
>
> --
> jdfinch2
> Posted via http://windowsbb.com Forum to Usenet gateway
>


Hello jdfinch2,

Since your post/question involves SBS 2003, I am cross-posting my response
to the SBS newsgroup along with the General newsgroup you originally posted
in (cross-posted to microsoft.public.windows.server.general and
microsoft.public.windows.server.sbs). Just check back to your originally
posted forum for responses, but in the future, you can use the SBS specific
newsgroup to post SBS related questions.

Yes, you can set the internal interface of the Cisco 1841 router as
192.168.1.1. You can then disable the "external" interface on the SBS
server, and set its "internal" interface to 192.168.1.5 (suggested IP), and
set its gateway as 192.168.1.1.

This is provided you are not using ISA on the SBS as a firewall or secure
NAT. If so, you would have to disable this role. You can still use ISA, that
is if you are using it, to perform VPN and web caching services. You would
have to re-run the CECIW wizard once the changes have been made. Make sure
that your DHCP server's DHCP Options have been changed for the DNS and WINS
(if using WINS) addresses so it gives the new internal address to your DHCP
clients. You will also have to change it manually on any machines that
you've set with a static configuration. The gateway address will remain the
same.

For a better suggestion, you can purchase a Cisco ASA 5505 firewall/router,
and "bridge" the Cisco 1841 router to the Cisco ASA, and put the x.x.x.205
address on the ASA. The ASA is a much more robust router that can also offer
secure VPN connectivity, including SSL VPN over a web browser. SSL VPN
provides the ease installing the VPN client directly from the browser,
instead of using the legacy VPN client.

As far as the DNS reference to x.x.x.206 as a DNS address on the external
adapter, we don't recommend using any external DNS address (router or ISP)
on the SBS or any other server, workstation or laptop. Use the internal DNS
(your SBS), and configure a "Forwarder" to your ISP's DNS. This will offload
internet resolution to your ISP's DNS server. A Forwarder can be configured
in the DNS console by right-clicking the DNS server name, choose Properties,
then choose the Forwarders tab. Enter the ISP's DNS address in the
Forwarders list box.

I hope this helps. If there was anything that I may have missed or forgot
regarding SBS, the SBS folks may provide additional information or
suggestions.

--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Please reply back to the newsgroup or forum for collaboration benefit among
responding engineers, and to help others benefit from your resolution.

Ace Fekay, MCT, MCTS 2008, MCTS Exchange, MCSE, MCSA 2003 & 2000, MCSA
Messaging
Microsoft Certified Trainer

For urgent issues, please contact Microsoft PSS directly. Please check
http://support.microsoft.com for regional support phone numbers.

 

[Ace Fekay [MCT]]

"Lanwench [MVP - Exchange]"
wrote in message
news:OHmhaCePKHA.2092@TK2MSFTNGP04.phx.gbl...
> [crossposting to the SBS group]
>
>
> jdfinch2 wrote:
>> when i set up this sbs 2003 server for the first time it was attached
>> to a dsl modem for internet access no email or iis uses, with
>> exspantion we moved to a t1 with a static ip attached to a cisco 1841
>> the router has an ip address of xxx.xxx.xxx.205 and that is just a
>> pass throught for the servers external ip of xxx.xxx.xxx.206 and a
>> server internal address if 192.168.1.1. now i seems to have a
>> bottleneck for internet access at the server.
>>
>> can i reporpose the router first set it's external address of
>> xxx.xxx.xxx.205 it's internal address 192.168.1.? set the sbs server
>> to one network adapter ip address 192.168.1.1
>> and set up the router with firewall and port fowarding. would this
>> take the internet load off the server second could i set the second
>> network addapter on the sbs 2003 box to uses xxx.xxx.xxx.206 so that
>> i don't have to change the external hosted dns from its current
>> xxx.xxx.xxx.206 to 205
>>
>> internal dns on the server is for a .local domain
>
> I don't know what you mean by "take the internet load off the server" ...
> unless you're using ISA (which you don't mention) nobody's going through
> the server to get to the Internet. And unless you're using ISA you
> shouldn't use two NICs (it adds complexity and gives you little in
> return). Make sure the Cisco's firewall is enabled, and leave its internal
> IP address as 192.168.1.1 (or whatever you want to use). Disable the 2nd
> NIC in your SBS box, and rerun the CEICW to set the remaining NIC to an
> address in the 192.168.1.0 network. In SBS you need to use the wizards for
> everything if you want it to run properly. You should be good to go.
>
> Regarding your public DNS, you will need to make sure the IP address(es)
> specified in your A record(s) are correct, of course - whatever the public
> interface or one-to-one NAT is.
>
>
>


Hmm, close timing. You beat me to it. You got your cross-post out before I
posted, but didn't see yours until afterwards.



Ace

 

[Lanwench [MVP - Exchange]]

Ace Fekay [MCT] wrote:
>
>
> Hmm, close timing. You beat me to it. You got your cross-post out
> before I posted, but didn't see yours until afterwards.
>
>
>
> Ace

I'm Quick-Draw McGraw. -)

 

[Ace Fekay [MCT]]

"Lanwench [MVP - Exchange]"
wrote in message
news:%23kyEvzhPKHA.5108@TK2MSFTNGP02.phx.gbl...
> Ace Fekay [MCT] wrote:
>>
>>
>> Hmm, close timing. You beat me to it. You got your cross-post out
>> before I posted, but didn't see yours until afterwards.
>>
>>
>>
>> Ace
>
> I'm Quick-Draw McGraw. -)
>

Must be! LOL!