I will be running 2003 SBS for mail, web, ftp, etc. Should this be set up with 2 NICs, one for internal and the other for external?
Should there be a DMZ or something for these services with a firewall or router before the server?
What is the best order of connection devices... example- T1> firewall> sbs server (email,ftp,ect)> switch> users
or should there be a router with static IP before the server?
2006-09-18 06:41:37 · 3 answers · asked by mlinnj 1 in Computers & Internet ➔ Computer Networking
I usually set it with 1 NIC. You get a static public IP and forward ports for the services you are using to the server. DO NOT DMZ the server since that forwards all the ports and leaves you with no firewall.
You can do the two NIC solution, but the routing gets complicated and there is no real advantage to it.
So basically, you have the router that forwards ports to the server. SBS you will probably set up a domain and you need to use the server for DNS and I like to use it for DHCP too. You will need to set up Exchange and IIS at minimum. You probably want Routing and Remote Access too (RAS), everyone seems to anymore. From your list you will have the router forward 21(ftp), 25(smtp), 80(http), 443(https-ssl) to the server. If you are going to do VPNs through RAS in you can add 1723(pptp) to that.
2006-09-18 07:32:30 · answer #1 · answered by Anonymous · 0⤊ 0⤋
I agree with the previous poster for the most part. You will need to add port 20 if you want to run an FTP server on the SBS box. FTP requires both ports 20 and 21.
Your router should have a static IP address. Then your firewall. I highly recommend the Cisco PIX 506E though a 501 will work with up to 50 users. If you need to do VPNs for road warriors, it will be much more secure than the MS VPN solution bundled with Windows. Then comes the switch. The SBS box and all users connect to the switch.
One thought on SBS too. It's a nice deal the first time you set up a system. Hard to beat the pricing structure. But MS has it so tightly locked down that upgrades are a MAJOR pig, especially if you're moving to new hardware. And moving to the full versions is an absolute nightmare should you ever go over the 75 user limit that is hard-coded into SBS.
Having worked with SBS since version 4.0 in the old NT days, I've come to the conclusion that the total cost and time involved from initial deployment to the first upgrade will be a wash. The time and likely consulting fees you'll spend on that upgrade will more than negate the initial savings you enjoyed with SBS in the first place. Just my opinion, but it's based on hard experience.
2006-09-18 10:27:46 · answer #2 · answered by Bostonian In MO 7 · 0⤊ 0⤋
feels like your DHCP is tousled. i do no longer understand what your IP community is like, yet perhaps your sending out an invalid gateway to the DHCP customers? feels like that's some variety of IP addressing concern.
2016-10-15 03:24:32 · answer #3 · answered by ? 4 · 0⤊ 0⤋