Going from one NIC to Two

Hi all,

I posted this already in the SBS NG, but wanted to ask here as well.

We have Win Server 2003 SBS Edition (premium) running with one NIC which
connects to our router/gateway. The NIC IP is in the 192.168.1.x range, as
our router is the standard Linksys 192.168.1.1 . Our ISP is cable - and
the IP is dynamic. Router/gateway handles this for us. This works great,
but 2 NIC's would allow us to use things such as ISA, which interests us.

We would like to move this to 2 NIC's - one connected to the router/gateway
combo for internet access and the current NIC connected to a switch for the
LAN.

What IP configs must change for this to work?

Specifically, how do we configure the new NIC and does the old one have to
altered?

Will the new NIC be able to use the router uPnP features of the router to
configure it? (SBS has a very good config wizard to set this all up).

We tried it last night and were rather unsuccessful in getting the second
card to work properly through the router. IT didn't detect the uPnP option.

Bypass the router and use only the NIC in the server for the WAN and it was
great.

We'd like the extra level of protection however that the router/gateway
offers.

J

As I understand from what you told..

1. The ISP gives dynamic IP, but your router is already
configured so that, from the server NIC you can claim a static IP from the
router.

2. You want now to use two NICs, one connected to router and one for LAN,
where all clients will be connected and will obtain IP either statically or
through DHCP on the server
Router will not be on this subnet.

3. You want all the clients have internet access.

So you need to set up either NAT or ICS (though NAT is better choice over
ICS)

Did I understand this correct, is this what you want to do? Please let me
know
and I will tell you what you need to do.

Sharad


"Jimbo" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Hi all,
>
> I posted this already in the SBS NG, but wanted to ask here as well.
>
> We have Win Server 2003 SBS Edition (premium) running with one NIC which
> connects to our router/gateway. The NIC IP is in the 192.168.1.x range,
as
> our router is the standard Linksys 192.168.1.1 . Our ISP is cable - and
> the IP is dynamic. Router/gateway handles this for us. This works great,
> but 2 NIC's would allow us to use things such as ISA, which interests us.
>
> We would like to move this to 2 NIC's - one connected to the
router/gateway
> combo for internet access and the current NIC connected to a switch for
the
> LAN.
>
> What IP configs must change for this to work?
>
> Specifically, how do we configure the new NIC and does the old one have to
> altered?
>
> Will the new NIC be able to use the router uPnP features of the router to
> configure it? (SBS has a very good config wizard to set this all up).
>
> We tried it last night and were rather unsuccessful in getting the second
> card to work properly through the router. IT didn't detect the uPnP
option.
>
> Bypass the router and use only the NIC in the server for the WAN and it
was
> great.
>
> We'd like the extra level of protection however that the router/gateway
> offers.
>
> J
>
>
>

HI Sharad,


> 1. The ISP gives dynamic IP, but your router is already
> configured so that, from the server NIC you can claim a static IP from the
> router.

Correct. HOwever, DHCP is set through windoes server 2003 as recceomended.


> 2. You want now to use two NICs, one connected to router and one for LAN,
> where all clients will be connected and will obtain IP either statically
or
> through DHCP on the server
> Router will not be on this subnet.

This is correct. Whether or not the router is on this subnet is unknown ot
me - as this is one of the questions I have.


> 3. You want all the clients have internet access.

Correct!

> So you need to set up either NAT or ICS (though NAT is better choice over
> ICS)

This is true. I would prefer NAT.


> Did I understand this correct, is this what you want to do? Please let me
> know
> and I will tell you what you need to do.


You understand perfectly and I appreciate your help!

To be clear - here is how I envision the harware:

Server NIC 1 > Router/Gateway/Firewall Combo Unit 192.168.1.1 (upnp
possible) > ISP (Cable/dynamic IP/no login required)

Server NIC 2 > Network Switch/Hub (Hub also connects to the client PC's)

Client PC's get DHCP/DNS from Server .

Sound correct?

So how do I accomplish this? My only attempt had me scratching my head, as
the router was not detected as it is when I configure using only one card.
(this is useful as SBS 2003 has a great wizard - CEICW - for configuring the
network and firwall settings. It works flawlessly, but needs to connect to
the router via upnp)

JS



> > I posted this already in the SBS NG, but wanted to ask here as well.
> >
> > We have Win Server 2003 SBS Edition (premium) running with one NIC which
> > connects to our router/gateway. The NIC IP is in the 192.168.1.x range,
> as
> > our router is the standard Linksys 192.168.1.1 . Our ISP is cable -
and
> > the IP is dynamic. Router/gateway handles this for us. This works
great,
> > but 2 NIC's would allow us to use things such as ISA, which interests
us.
> >
> > We would like to move this to 2 NIC's - one connected to the
> router/gateway
> > combo for internet access and the current NIC connected to a switch for
> the
> > LAN.
> >
> > What IP configs must change for this to work?
> >
> > Specifically, how do we configure the new NIC and does the old one have
to
> > altered?
> >
> > Will the new NIC be able to use the router uPnP features of the router
to
> > configure it? (SBS has a very good config wizard to set this all up).
> >
> > We tried it last night and were rather unsuccessful in getting the
second
> > card to work properly through the router. IT didn't detect the uPnP
> option.
> >
> > Bypass the router and use only the NIC in the server for the WAN and it
> was
> > great.
> >
> > We'd like the extra level of protection however that the router/gateway
> > offers.
> >
> > J
> >
> >
> >
>
>

OK, here you go..

Router is not on the local subnet.. means, the router
cable is not coming on the same network switch / hub to wich the
local NIC is connected. This will create a problem so either
use seperate hubs / network switch for the internet and local NICs
or , from internet NIC to the router have a cross-over cable.

So the set up you need to do is as under.

1. Internet NIC (to be connected to router) .. TCP/IP settings:
Static IP : 192.168.1.1
Default GateWay: IP address of the router
Preffered DNS server: Either the DNS server of the ISP OR
if your server is also a DNS server and is all set to handle external
querries (either through root hints or through forwarder) you can also
give the IP of your server.
Subnet mask: Same subnet mask as your router uses.

2. Local NIC (for clients).. TCP/IP settings:
Static IP: 192.168.0.1
Default GateWay: None .. Leave it Blank
Preffered DNS .. Local IP address of your Server.i.e. 192.168.0.1 if it's
also a DNS Server
(and if it is also an AD, then it must be set to 192.168.0.1)
Subnet Mask: 255.255.255.0

3. In Netwrok Connection Properties Click on Advance Menu and Select
Advanced Settings. There ensure that in adapter binding, the Local NIC is
at top, if not move it to the top.

4. NAT Configuration:

Internet NIC - To be configured as Proxy (Querier). for this
Start Remote Access & Routing..
Expand IP Routing, Select IGMP

On right site Ineternet NIC and Local NIC will be listed.
Right click on Internet NIC (which has IP 192.168.1.1),
select properties, and set it as IGMP Proxy.

Local NIC - To be configured as Router.. for this
same procedure as above, set it as IGMP Router.
(Thus for clients connecting to your win2K3 server on Local NIC
192.168.0.1 becomes the router.)

5. Static Route:
Static Route is to be set for Internet NIC (having IP 192.168.1.1)
The static route must be set as
Destination : 0.0.0.0
Network Mask: 0.0.0.0
(both above set to zeros, so the translation is allowed
for all outgoing traffic.)
Gateway: IP address of the router

While setting the static route, please ensure that it shows interface as
Internet NIC
then click OK.

6. DHCP: DHCP must be bound to Local NIC (OR Internet NIC & Local NIC Both
both, but binding
to Internet NIC is not as such necessary. Be sure that you have authorised
the DHCP Server after it is set up.)

In DHCP Option, you can set Router, to 192.168.0.1 (and NOT the router IP
address)
For all clients set Default GateWay to 192.168.0.1

You may better set, Router 192.168.0.1 in DHCP Options and
also set DHCP options for DNS Servers and enter the preffered, secondary and
other DNS servers there.

7. Clients TCP/IP settings:
Obtain IP automatically and do not enter any Default GateWay and DNS servers
if you set the router and DNS servers in DHCP Options.
If not set these DHCP options, then give default gateway 192.168.0.1 and
DNS servers -- as per your DNS servers.

With these settings I don't see a reason why it should not work.

Sharad

"Jimbo" <(E-Mail Removed)> wrote in message
news:%(E-Mail Removed)...
> HI Sharad,
>
>
> > 1. The ISP gives dynamic IP, but your router is already
> > configured so that, from the server NIC you can claim a static IP from
the
> > router.
>
> Correct. HOwever, DHCP is set through windoes server 2003 as
recceomended.
>
>
> > 2. You want now to use two NICs, one connected to router and one for
LAN,
> > where all clients will be connected and will obtain IP either statically
> or
> > through DHCP on the server
> > Router will not be on this subnet.
>
> This is correct. Whether or not the router is on this subnet is unknown
ot
> me - as this is one of the questions I have.
>
>
> > 3. You want all the clients have internet access.
>
> Correct!
>
> > So you need to set up either NAT or ICS (though NAT is better choice
over
> > ICS)
>
> This is true. I would prefer NAT.
>
>
> > Did I understand this correct, is this what you want to do? Please let
me
> > know
> > and I will tell you what you need to do.
>
>
> You understand perfectly and I appreciate your help!
>
> To be clear - here is how I envision the harware:
>
> Server NIC 1 > Router/Gateway/Firewall Combo Unit 192.168.1.1 (upnp
> possible) > ISP (Cable/dynamic IP/no login required)
>
> Server NIC 2 > Network Switch/Hub (Hub also connects to the client PC's)
>
> Client PC's get DHCP/DNS from Server .
>
> Sound correct?
>
> So how do I accomplish this? My only attempt had me scratching my head,
as
> the router was not detected as it is when I configure using only one card.
> (this is useful as SBS 2003 has a great wizard - CEICW - for configuring
the
> network and firwall settings. It works flawlessly, but needs to connect
to
> the router via upnp)
>
> JS
>
>
>
> > > I posted this already in the SBS NG, but wanted to ask here as well.
> > >
> > > We have Win Server 2003 SBS Edition (premium) running with one NIC
which
> > > connects to our router/gateway. The NIC IP is in the 192.168.1.x
range,
> > as
> > > our router is the standard Linksys 192.168.1.1 . Our ISP is cable -
> and
> > > the IP is dynamic. Router/gateway handles this for us. This works
> great,
> > > but 2 NIC's would allow us to use things such as ISA, which interests
> us.
> > >
> > > We would like to move this to 2 NIC's - one connected to the
> > router/gateway
> > > combo for internet access and the current NIC connected to a switch
for
> > the
> > > LAN.
> > >
> > > What IP configs must change for this to work?
> > >
> > > Specifically, how do we configure the new NIC and does the old one
have
> to
> > > altered?
> > >
> > > Will the new NIC be able to use the router uPnP features of the router
> to
> > > configure it? (SBS has a very good config wizard to set this all up).
> > >
> > > We tried it last night and were rather unsuccessful in getting the
> second
> > > card to work properly through the router. IT didn't detect the uPnP
> > option.
> > >
> > > Bypass the router and use only the NIC in the server for the WAN and
it
> > was
> > > great.
> > >
> > > We'd like the extra level of protection however that the
router/gateway
> > > offers.
> > >
> > > J
> > >
> > >
> > >
> >
> >
>
>

Hi Sharad,

This is great, thank you so much.

One question about the router/gateway however: The Cable modem hooks into
its WAN port and the NIC on the server hooks to an autosensing,switched port
of the same unit. Does this not achieve what you suggest? Was I not clear
on this before? Sorry! Because I admit to still being a bit confused about
the comment you made regarding crossover cables and such.

The second server NIC and client PC's are on a separate hub/switch

JS


"sharad" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> OK, here you go..
>
> Router is not on the local subnet.. means, the router
> cable is not coming on the same network switch / hub to wich the
> local NIC is connected. This will create a problem so either
> use seperate hubs / network switch for the internet and local NICs
> or , from internet NIC to the router have a cross-over cable.
>
> So the set up you need to do is as under.
>
> 1. Internet NIC (to be connected to router) .. TCP/IP settings:
> Static IP : 192.168.1.1
> Default GateWay: IP address of the router
> Preffered DNS server: Either the DNS server of the ISP OR
> if your server is also a DNS server and is all set to handle external
> querries (either through root hints or through forwarder) you can also
> give the IP of your server.
> Subnet mask: Same subnet mask as your router uses.
>
> 2. Local NIC (for clients).. TCP/IP settings:
> Static IP: 192.168.0.1
> Default GateWay: None .. Leave it Blank
> Preffered DNS .. Local IP address of your Server.i.e. 192.168.0.1 if it's
> also a DNS Server
> (and if it is also an AD, then it must be set to 192.168.0.1)
> Subnet Mask: 255.255.255.0
>
> 3. In Netwrok Connection Properties Click on Advance Menu and Select
> Advanced Settings. There ensure that in adapter binding, the Local NIC is
> at top, if not move it to the top.
>
> 4. NAT Configuration:
>
> Internet NIC - To be configured as Proxy (Querier). for this
> Start Remote Access & Routing..
> Expand IP Routing, Select IGMP
>
> On right site Ineternet NIC and Local NIC will be listed.
> Right click on Internet NIC (which has IP 192.168.1.1),
> select properties, and set it as IGMP Proxy.
>
> Local NIC - To be configured as Router.. for this
> same procedure as above, set it as IGMP Router.
> (Thus for clients connecting to your win2K3 server on Local NIC
> 192.168.0.1 becomes the router.)
>
> 5. Static Route:
> Static Route is to be set for Internet NIC (having IP 192.168.1.1)
> The static route must be set as
> Destination : 0.0.0.0
> Network Mask: 0.0.0.0
> (both above set to zeros, so the translation is allowed
> for all outgoing traffic.)
> Gateway: IP address of the router
>
> While setting the static route, please ensure that it shows interface as
> Internet NIC
> then click OK.
>
> 6. DHCP: DHCP must be bound to Local NIC (OR Internet NIC & Local NIC
Both
> both, but binding
> to Internet NIC is not as such necessary. Be sure that you have authorised
> the DHCP Server after it is set up.)
>
> In DHCP Option, you can set Router, to 192.168.0.1 (and NOT the router IP
> address)
> For all clients set Default GateWay to 192.168.0.1
>
> You may better set, Router 192.168.0.1 in DHCP Options and
> also set DHCP options for DNS Servers and enter the preffered, secondary
and
> other DNS servers there.
>
> 7. Clients TCP/IP settings:
> Obtain IP automatically and do not enter any Default GateWay and DNS
servers
> if you set the router and DNS servers in DHCP Options.
> If not set these DHCP options, then give default gateway 192.168.0.1 and
> DNS servers -- as per your DNS servers.
>
> With these settings I don't see a reason why it should not work.
>
> Sharad
>
> "Jimbo" <(E-Mail Removed)> wrote in message
> news:%(E-Mail Removed)...
> > HI Sharad,
> >
> >
> > > 1. The ISP gives dynamic IP, but your router is already
> > > configured so that, from the server NIC you can claim a static IP from
> the
> > > router.
> >
> > Correct. HOwever, DHCP is set through windoes server 2003 as
> recceomended.
> >
> >
> > > 2. You want now to use two NICs, one connected to router and one for
> LAN,
> > > where all clients will be connected and will obtain IP either
statically
> > or
> > > through DHCP on the server
> > > Router will not be on this subnet.
> >
> > This is correct. Whether or not the router is on this subnet is unknown
> ot
> > me - as this is one of the questions I have.
> >
> >
> > > 3. You want all the clients have internet access.
> >
> > Correct!
> >
> > > So you need to set up either NAT or ICS (though NAT is better choice
> over
> > > ICS)
> >
> > This is true. I would prefer NAT.
> >
> >
> > > Did I understand this correct, is this what you want to do? Please let
> me
> > > know
> > > and I will tell you what you need to do.
> >
> >
> > You understand perfectly and I appreciate your help!
> >
> > To be clear - here is how I envision the harware:
> >
> > Server NIC 1 > Router/Gateway/Firewall Combo Unit 192.168.1.1 (upnp
> > possible) > ISP (Cable/dynamic IP/no login required)
> >
> > Server NIC 2 > Network Switch/Hub (Hub also connects to the client PC's)
> >
> > Client PC's get DHCP/DNS from Server .
> >
> > Sound correct?
> >
> > So how do I accomplish this? My only attempt had me scratching my head,
> as
> > the router was not detected as it is when I configure using only one
card.
> > (this is useful as SBS 2003 has a great wizard - CEICW - for configuring
> the
> > network and firwall settings. It works flawlessly, but needs to connect
> to
> > the router via upnp)
> >
> > JS
> >
> >
> >
> > > > I posted this already in the SBS NG, but wanted to ask here as well.
> > > >
> > > > We have Win Server 2003 SBS Edition (premium) running with one NIC
> which
> > > > connects to our router/gateway. The NIC IP is in the 192.168.1.x
> range,
> > > as
> > > > our router is the standard Linksys 192.168.1.1 . Our ISP is
cable -
> > and
> > > > the IP is dynamic. Router/gateway handles this for us. This works
> > great,
> > > > but 2 NIC's would allow us to use things such as ISA, which
interests
> > us.
> > > >
> > > > We would like to move this to 2 NIC's - one connected to the
> > > router/gateway
> > > > combo for internet access and the current NIC connected to a switch
> for
> > > the
> > > > LAN.
> > > >
> > > > What IP configs must change for this to work?
> > > >
> > > > Specifically, how do we configure the new NIC and does the old one
> have
> > to
> > > > altered?
> > > >
> > > > Will the new NIC be able to use the router uPnP features of the
router
> > to
> > > > configure it? (SBS has a very good config wizard to set this all
up).
> > > >
> > > > We tried it last night and were rather unsuccessful in getting the
> > second
> > > > card to work properly through the router. IT didn't detect the uPnP
> > > option.
> > > >
> > > > Bypass the router and use only the NIC in the server for the WAN and
> it
> > > was
> > > > great.
> > > >
> > > > We'd like the extra level of protection however that the
> router/gateway
> > > > offers.
> > > >
> > > > J
> > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
>

What you are proposing to do is OK, but it requires a major change to the
way your network is set up.

With your current setup, the router is the default gateway of your LAN,
and all machines access the Internet directly through that router. What you
are proposing is that your LAN clients do not access the Internet directly
through the router. The new setup would in fact be more like a LAN accessing
the Internet through an ISA server connected to a DMZ. The difference is
that the DMZ is a private addressed subnet. The default gateway of your LAN
would now be the RRAS router (ie your SBS server).

The DMZ subnet and your private LAN must be in different IP subnets. So
if the DMZ subnet (linking the router to the server) uses 192.168.1.0/24 ,
you cannot use that same subnet for your LAN machines (and vice versa, of
course).

As far as configuring the setup, you would now need to have your LAN
machines getting their config from the SBS server rather than the router.
The router is now just your link to the Internet. It is no longer really any
part of your LAN. The SBS server is now your link the the outside world and
it should look after DHCP for the LAN. I would configure the server NICs
manually. eg

Internet
|
public IP
router
192.168.1.1
|
192.168.1.2 dg 192.168.1.1
SBS
192.168.23.1 dg blank
|
LAN clients
192.168.23.x dg 192.168.23.1

"Jimbo" <(E-Mail Removed)> wrote in message
news:#(E-Mail Removed)...
> Hi Sharad,
>
> This is great, thank you so much.
>
> One question about the router/gateway however: The Cable modem hooks into
> its WAN port and the NIC on the server hooks to an autosensing,switched
port
> of the same unit. Does this not achieve what you suggest? Was I not
clear
> on this before? Sorry! Because I admit to still being a bit confused
about
> the comment you made regarding crossover cables and such.
>
> The second server NIC and client PC's are on a separate hub/switch
>
> JS
>
>
> "sharad" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
> > OK, here you go..
> >
> > Router is not on the local subnet.. means, the router
> > cable is not coming on the same network switch / hub to wich the
> > local NIC is connected. This will create a problem so either
> > use seperate hubs / network switch for the internet and local NICs
> > or , from internet NIC to the router have a cross-over cable.
> >
> > So the set up you need to do is as under.
> >
> > 1. Internet NIC (to be connected to router) .. TCP/IP settings:
> > Static IP : 192.168.1.1
> > Default GateWay: IP address of the router
> > Preffered DNS server: Either the DNS server of the ISP OR
> > if your server is also a DNS server and is all set to handle external
> > querries (either through root hints or through forwarder) you can also
> > give the IP of your server.
> > Subnet mask: Same subnet mask as your router uses.
> >
> > 2. Local NIC (for clients).. TCP/IP settings:
> > Static IP: 192.168.0.1
> > Default GateWay: None .. Leave it Blank
> > Preffered DNS .. Local IP address of your Server.i.e. 192.168.0.1 if
it's
> > also a DNS Server
> > (and if it is also an AD, then it must be set to 192.168.0.1)
> > Subnet Mask: 255.255.255.0
> >
> > 3. In Netwrok Connection Properties Click on Advance Menu and Select
> > Advanced Settings. There ensure that in adapter binding, the Local NIC
is
> > at top, if not move it to the top.
> >
> > 4. NAT Configuration:
> >
> > Internet NIC - To be configured as Proxy (Querier). for this
> > Start Remote Access & Routing..
> > Expand IP Routing, Select IGMP
> >
> > On right site Ineternet NIC and Local NIC will be listed.
> > Right click on Internet NIC (which has IP 192.168.1.1),
> > select properties, and set it as IGMP Proxy.
> >
> > Local NIC - To be configured as Router.. for this
> > same procedure as above, set it as IGMP Router.
> > (Thus for clients connecting to your win2K3 server on Local NIC
> > 192.168.0.1 becomes the router.)
> >
> > 5. Static Route:
> > Static Route is to be set for Internet NIC (having IP 192.168.1.1)
> > The static route must be set as
> > Destination : 0.0.0.0
> > Network Mask: 0.0.0.0
> > (both above set to zeros, so the translation is allowed
> > for all outgoing traffic.)
> > Gateway: IP address of the router
> >
> > While setting the static route, please ensure that it shows interface as
> > Internet NIC
> > then click OK.
> >
> > 6. DHCP: DHCP must be bound to Local NIC (OR Internet NIC & Local NIC
> Both
> > both, but binding
> > to Internet NIC is not as such necessary. Be sure that you have
authorised
> > the DHCP Server after it is set up.)
> >
> > In DHCP Option, you can set Router, to 192.168.0.1 (and NOT the router
IP
> > address)
> > For all clients set Default GateWay to 192.168.0.1
> >
> > You may better set, Router 192.168.0.1 in DHCP Options and
> > also set DHCP options for DNS Servers and enter the preffered, secondary
> and
> > other DNS servers there.
> >
> > 7. Clients TCP/IP settings:
> > Obtain IP automatically and do not enter any Default GateWay and DNS
> servers
> > if you set the router and DNS servers in DHCP Options.
> > If not set these DHCP options, then give default gateway 192.168.0.1 and
> > DNS servers -- as per your DNS servers.
> >
> > With these settings I don't see a reason why it should not work.
> >
> > Sharad
> >
> > "Jimbo" <(E-Mail Removed)> wrote in message
> > news:%(E-Mail Removed)...
> > > HI Sharad,
> > >
> > >
> > > > 1. The ISP gives dynamic IP, but your router is already
> > > > configured so that, from the server NIC you can claim a static IP
from
> > the
> > > > router.
> > >
> > > Correct. HOwever, DHCP is set through windoes server 2003 as
> > recceomended.
> > >
> > >
> > > > 2. You want now to use two NICs, one connected to router and one for
> > LAN,
> > > > where all clients will be connected and will obtain IP either
> statically
> > > or
> > > > through DHCP on the server
> > > > Router will not be on this subnet.
> > >
> > > This is correct. Whether or not the router is on this subnet is
unknown
> > ot
> > > me - as this is one of the questions I have.
> > >
> > >
> > > > 3. You want all the clients have internet access.
> > >
> > > Correct!
> > >
> > > > So you need to set up either NAT or ICS (though NAT is better choice
> > over
> > > > ICS)
> > >
> > > This is true. I would prefer NAT.
> > >
> > >
> > > > Did I understand this correct, is this what you want to do? Please
let
> > me
> > > > know
> > > > and I will tell you what you need to do.
> > >
> > >
> > > You understand perfectly and I appreciate your help!
> > >
> > > To be clear - here is how I envision the harware:
> > >
> > > Server NIC 1 > Router/Gateway/Firewall Combo Unit 192.168.1.1 (upnp
> > > possible) > ISP (Cable/dynamic IP/no login required)
> > >
> > > Server NIC 2 > Network Switch/Hub (Hub also connects to the client
PC's)
> > >
> > > Client PC's get DHCP/DNS from Server .
> > >
> > > Sound correct?
> > >
> > > So how do I accomplish this? My only attempt had me scratching my
head,
> > as
> > > the router was not detected as it is when I configure using only one
> card.
> > > (this is useful as SBS 2003 has a great wizard - CEICW - for
configuring
> > the
> > > network and firwall settings. It works flawlessly, but needs to
connect
> > to
> > > the router via upnp)
> > >
> > > JS
> > >
> > >
> > >
> > > > > I posted this already in the SBS NG, but wanted to ask here as
well.
> > > > >
> > > > > We have Win Server 2003 SBS Edition (premium) running with one NIC
> > which
> > > > > connects to our router/gateway. The NIC IP is in the 192.168.1.x
> > range,
> > > > as
> > > > > our router is the standard Linksys 192.168.1.1 . Our ISP is
> cable -
> > > and
> > > > > the IP is dynamic. Router/gateway handles this for us. This
works
> > > great,
> > > > > but 2 NIC's would allow us to use things such as ISA, which
> interests
> > > us.
> > > > >
> > > > > We would like to move this to 2 NIC's - one connected to the
> > > > router/gateway
> > > > > combo for internet access and the current NIC connected to a
switch
> > for
> > > > the
> > > > > LAN.
> > > > >
> > > > > What IP configs must change for this to work?
> > > > >
> > > > > Specifically, how do we configure the new NIC and does the old one
> > have
> > > to
> > > > > altered?
> > > > >
> > > > > Will the new NIC be able to use the router uPnP features of the
> router
> > > to
> > > > > configure it? (SBS has a very good config wizard to set this all
> up).
> > > > >
> > > > > We tried it last night and were rather unsuccessful in getting the
> > > second
> > > > > card to work properly through the router. IT didn't detect the
uPnP
> > > > option.
> > > > >
> > > > > Bypass the router and use only the NIC in the server for the WAN
and
> > it
> > > > was
> > > > > great.
> > > > >
> > > > > We'd like the extra level of protection however that the
> > router/gateway
> > > > > offers.
> > > > >
> > > > > J
> > > > >
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
>

Hi Jimbo. OK , so there already on seperate hubs / switches..
This is what is required. Now you can go ahead and configure
as I told.

Sharad

"Jimbo" <(E-Mail Removed)> wrote in message
news:%(E-Mail Removed)...
> Hi Sharad,
>
> This is great, thank you so much.
>
> One question about the router/gateway however: The Cable modem hooks into
> its WAN port and the NIC on the server hooks to an autosensing,switched
port
> of the same unit. Does this not achieve what you suggest? Was I not
clear
> on this before? Sorry! Because I admit to still being a bit confused
about
> the comment you made regarding crossover cables and such.
>
> The second server NIC and client PC's are on a separate hub/switch
>
> JS
>
>
> "sharad" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
> > OK, here you go..
> >
> > Router is not on the local subnet.. means, the router
> > cable is not coming on the same network switch / hub to wich the
> > local NIC is connected. This will create a problem so either
> > use seperate hubs / network switch for the internet and local NICs
> > or , from internet NIC to the router have a cross-over cable.
> >
> > So the set up you need to do is as under.
> >
> > 1. Internet NIC (to be connected to router) .. TCP/IP settings:
> > Static IP : 192.168.1.1
> > Default GateWay: IP address of the router
> > Preffered DNS server: Either the DNS server of the ISP OR
> > if your server is also a DNS server and is all set to handle external
> > querries (either through root hints or through forwarder) you can also
> > give the IP of your server.
> > Subnet mask: Same subnet mask as your router uses.
> >
> > 2. Local NIC (for clients).. TCP/IP settings:
> > Static IP: 192.168.0.1
> > Default GateWay: None .. Leave it Blank
> > Preffered DNS .. Local IP address of your Server.i.e. 192.168.0.1 if
it's
> > also a DNS Server
> > (and if it is also an AD, then it must be set to 192.168.0.1)
> > Subnet Mask: 255.255.255.0
> >
> > 3. In Netwrok Connection Properties Click on Advance Menu and Select
> > Advanced Settings. There ensure that in adapter binding, the Local NIC
is
> > at top, if not move it to the top.
> >
> > 4. NAT Configuration:
> >
> > Internet NIC - To be configured as Proxy (Querier). for this
> > Start Remote Access & Routing..
> > Expand IP Routing, Select IGMP
> >
> > On right site Ineternet NIC and Local NIC will be listed.
> > Right click on Internet NIC (which has IP 192.168.1.1),
> > select properties, and set it as IGMP Proxy.
> >
> > Local NIC - To be configured as Router.. for this
> > same procedure as above, set it as IGMP Router.
> > (Thus for clients connecting to your win2K3 server on Local NIC
> > 192.168.0.1 becomes the router.)
> >
> > 5. Static Route:
> > Static Route is to be set for Internet NIC (having IP 192.168.1.1)
> > The static route must be set as
> > Destination : 0.0.0.0
> > Network Mask: 0.0.0.0
> > (both above set to zeros, so the translation is allowed
> > for all outgoing traffic.)
> > Gateway: IP address of the router
> >
> > While setting the static route, please ensure that it shows interface as
> > Internet NIC
> > then click OK.
> >
> > 6. DHCP: DHCP must be bound to Local NIC (OR Internet NIC & Local NIC
> Both
> > both, but binding
> > to Internet NIC is not as such necessary. Be sure that you have
authorised
> > the DHCP Server after it is set up.)
> >
> > In DHCP Option, you can set Router, to 192.168.0.1 (and NOT the router
IP
> > address)
> > For all clients set Default GateWay to 192.168.0.1
> >
> > You may better set, Router 192.168.0.1 in DHCP Options and
> > also set DHCP options for DNS Servers and enter the preffered, secondary
> and
> > other DNS servers there.
> >
> > 7. Clients TCP/IP settings:
> > Obtain IP automatically and do not enter any Default GateWay and DNS
> servers
> > if you set the router and DNS servers in DHCP Options.
> > If not set these DHCP options, then give default gateway 192.168.0.1 and
> > DNS servers -- as per your DNS servers.
> >
> > With these settings I don't see a reason why it should not work.
> >
> > Sharad
> >
> > "Jimbo" <(E-Mail Removed)> wrote in message
> > news:%(E-Mail Removed)...
> > > HI Sharad,
> > >
> > >
> > > > 1. The ISP gives dynamic IP, but your router is already
> > > > configured so that, from the server NIC you can claim a static IP
from
> > the
> > > > router.
> > >
> > > Correct. HOwever, DHCP is set through windoes server 2003 as
> > recceomended.
> > >
> > >
> > > > 2. You want now to use two NICs, one connected to router and one for
> > LAN,
> > > > where all clients will be connected and will obtain IP either
> statically
> > > or
> > > > through DHCP on the server
> > > > Router will not be on this subnet.
> > >
> > > This is correct. Whether or not the router is on this subnet is
unknown
> > ot
> > > me - as this is one of the questions I have.
> > >
> > >
> > > > 3. You want all the clients have internet access.
> > >
> > > Correct!
> > >
> > > > So you need to set up either NAT or ICS (though NAT is better choice
> > over
> > > > ICS)
> > >
> > > This is true. I would prefer NAT.
> > >
> > >
> > > > Did I understand this correct, is this what you want to do? Please
let
> > me
> > > > know
> > > > and I will tell you what you need to do.
> > >
> > >
> > > You understand perfectly and I appreciate your help!
> > >
> > > To be clear - here is how I envision the harware:
> > >
> > > Server NIC 1 > Router/Gateway/Firewall Combo Unit 192.168.1.1 (upnp
> > > possible) > ISP (Cable/dynamic IP/no login required)
> > >
> > > Server NIC 2 > Network Switch/Hub (Hub also connects to the client
PC's)
> > >
> > > Client PC's get DHCP/DNS from Server .
> > >
> > > Sound correct?
> > >
> > > So how do I accomplish this? My only attempt had me scratching my
head,
> > as
> > > the router was not detected as it is when I configure using only one
> card.
> > > (this is useful as SBS 2003 has a great wizard - CEICW - for
configuring
> > the
> > > network and firwall settings. It works flawlessly, but needs to
connect
> > to
> > > the router via upnp)
> > >
> > > JS
> > >
> > >
> > >
> > > > > I posted this already in the SBS NG, but wanted to ask here as
well.
> > > > >
> > > > > We have Win Server 2003 SBS Edition (premium) running with one NIC
> > which
> > > > > connects to our router/gateway. The NIC IP is in the 192.168.1.x
> > range,
> > > > as
> > > > > our router is the standard Linksys 192.168.1.1 . Our ISP is
> cable -
> > > and
> > > > > the IP is dynamic. Router/gateway handles this for us. This
works
> > > great,
> > > > > but 2 NIC's would allow us to use things such as ISA, which
> interests
> > > us.
> > > > >
> > > > > We would like to move this to 2 NIC's - one connected to the
> > > > router/gateway
> > > > > combo for internet access and the current NIC connected to a
switch
> > for
> > > > the
> > > > > LAN.
> > > > >
> > > > > What IP configs must change for this to work?
> > > > >
> > > > > Specifically, how do we configure the new NIC and does the old one
> > have
> > > to
> > > > > altered?
> > > > >
> > > > > Will the new NIC be able to use the router uPnP features of the
> router
> > > to
> > > > > configure it? (SBS has a very good config wizard to set this all
> up).
> > > > >
> > > > > We tried it last night and were rather unsuccessful in getting the
> > > second
> > > > > card to work properly through the router. IT didn't detect the
uPnP
> > > > option.
> > > > >
> > > > > Bypass the router and use only the NIC in the server for the WAN
and
> > it
> > > > was
> > > > > great.
> > > > >
> > > > > We'd like the extra level of protection however that the
> > router/gateway
> > > > > offers.
> > > > >
> > > > > J
> > > > >
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
>

Hi Bill,
With subnet mask of 255.255.255.0, i.e. 24 first bits
for subnet, thus first 3 otctates will decide the subnet..
So 192.168.1 and 192.168.0 will be two different subnets, and no harm to
use. Actually the LAN NIC IP, must be 192.168.0.1 for NAT to
work.

Jimbo,
I just realized that, 192.168.1.1 is your Router IP address (you had
mentioned it correct but I mistook it as to be the existing IP of the
existing
NIC and Router IP was something else.)

So in all the steps I have give, you need to correct following:

For Internet NIC:
Static IP Address - 192.168.1.x (what ever exsting you used
same can be given.)
Default GateWay: 192.168.1.1
All other settings as I already told.

For Local NIC, Clients etc. all settings as I told.

DHCP Scope.. The scope must be set in 192.168.0 subnet
e.g. start: 192.168.0.2 , end 192.168.0.64
So if you already have a DHCP scope in 192.168.1 subnet,
delete it when you do the set up with two NICs.

Your Internet NIC and LAN NIC are already physically on seperate
hubs / switch, and also the IP range will be on different subnet since
192.168.1 and 192.168.0 are different subnet if subnet mask is
255.255.255.0 or higher. So go ahead with the settings I told, and
if everything done correct as I told, it will work in the first try itself.

Sharad




"Bill Grant" <not.available@online> wrote in message
news:(E-Mail Removed)...
> What you are proposing to do is OK, but it requires a major change to
the
> way your network is set up.
>
> With your current setup, the router is the default gateway of your
LAN,
> and all machines access the Internet directly through that router. What
you
> are proposing is that your LAN clients do not access the Internet directly
> through the router. The new setup would in fact be more like a LAN
accessing
> the Internet through an ISA server connected to a DMZ. The difference is
> that the DMZ is a private addressed subnet. The default gateway of your
LAN
> would now be the RRAS router (ie your SBS server).
>
> The DMZ subnet and your private LAN must be in different IP subnets.
So
> if the DMZ subnet (linking the router to the server) uses 192.168.1.0/24 ,
> you cannot use that same subnet for your LAN machines (and vice versa, of
> course).
>
> As far as configuring the setup, you would now need to have your LAN
> machines getting their config from the SBS server rather than the router.
> The router is now just your link to the Internet. It is no longer really
any
> part of your LAN. The SBS server is now your link the the outside world
and
> it should look after DHCP for the LAN. I would configure the server NICs
> manually. eg
>
> Internet
> |
> public IP
> router
> 192.168.1.1
> |
> 192.168.1.2 dg 192.168.1.1
> SBS
> 192.168.23.1 dg blank
> |
> LAN clients
> 192.168.23.x dg 192.168.23.1
>
> "Jimbo" <(E-Mail Removed)> wrote in message
> news:#(E-Mail Removed)...
> > Hi Sharad,
> >
> > This is great, thank you so much.
> >
> > One question about the router/gateway however: The Cable modem hooks
into
> > its WAN port and the NIC on the server hooks to an autosensing,switched
> port
> > of the same unit. Does this not achieve what you suggest? Was I not
> clear
> > on this before? Sorry! Because I admit to still being a bit confused
> about
> > the comment you made regarding crossover cables and such.
> >
> > The second server NIC and client PC's are on a separate hub/switch
> >
> > JS
> >
> >
> > "sharad" <(E-Mail Removed)> wrote in message
> > news:(E-Mail Removed)...
> > > OK, here you go..
> > >
> > > Router is not on the local subnet.. means, the router
> > > cable is not coming on the same network switch / hub to wich the
> > > local NIC is connected. This will create a problem so either
> > > use seperate hubs / network switch for the internet and local NICs
> > > or , from internet NIC to the router have a cross-over cable.
> > >
> > > So the set up you need to do is as under.
> > >
> > > 1. Internet NIC (to be connected to router) .. TCP/IP settings:
> > > Static IP : 192.168.1.1
> > > Default GateWay: IP address of the router
> > > Preffered DNS server: Either the DNS server of the ISP OR
> > > if your server is also a DNS server and is all set to handle external
> > > querries (either through root hints or through forwarder) you can also
> > > give the IP of your server.
> > > Subnet mask: Same subnet mask as your router uses.
> > >
> > > 2. Local NIC (for clients).. TCP/IP settings:
> > > Static IP: 192.168.0.1
> > > Default GateWay: None .. Leave it Blank
> > > Preffered DNS .. Local IP address of your Server.i.e. 192.168.0.1 if
> it's
> > > also a DNS Server
> > > (and if it is also an AD, then it must be set to 192.168.0.1)
> > > Subnet Mask: 255.255.255.0
> > >
> > > 3. In Netwrok Connection Properties Click on Advance Menu and Select
> > > Advanced Settings. There ensure that in adapter binding, the Local NIC
> is
> > > at top, if not move it to the top.
> > >
> > > 4. NAT Configuration:
> > >
> > > Internet NIC - To be configured as Proxy (Querier). for this
> > > Start Remote Access & Routing..
> > > Expand IP Routing, Select IGMP
> > >
> > > On right site Ineternet NIC and Local NIC will be listed.
> > > Right click on Internet NIC (which has IP 192.168.1.1),
> > > select properties, and set it as IGMP Proxy.
> > >
> > > Local NIC - To be configured as Router.. for this
> > > same procedure as above, set it as IGMP Router.
> > > (Thus for clients connecting to your win2K3 server on Local NIC
> > > 192.168.0.1 becomes the router.)
> > >
> > > 5. Static Route:
> > > Static Route is to be set for Internet NIC (having IP 192.168.1.1)
> > > The static route must be set as
> > > Destination : 0.0.0.0
> > > Network Mask: 0.0.0.0
> > > (both above set to zeros, so the translation is allowed
> > > for all outgoing traffic.)
> > > Gateway: IP address of the router
> > >
> > > While setting the static route, please ensure that it shows interface
as
> > > Internet NIC
> > > then click OK.
> > >
> > > 6. DHCP: DHCP must be bound to Local NIC (OR Internet NIC & Local
NIC
> > Both
> > > both, but binding
> > > to Internet NIC is not as such necessary. Be sure that you have
> authorised
> > > the DHCP Server after it is set up.)
> > >
> > > In DHCP Option, you can set Router, to 192.168.0.1 (and NOT the
router
> IP
> > > address)
> > > For all clients set Default GateWay to 192.168.0.1
> > >
> > > You may better set, Router 192.168.0.1 in DHCP Options and
> > > also set DHCP options for DNS Servers and enter the preffered,
secondary
> > and
> > > other DNS servers there.
> > >
> > > 7. Clients TCP/IP settings:
> > > Obtain IP automatically and do not enter any Default GateWay and DNS
> > servers
> > > if you set the router and DNS servers in DHCP Options.
> > > If not set these DHCP options, then give default gateway 192.168.0.1
and
> > > DNS servers -- as per your DNS servers.
> > >
> > > With these settings I don't see a reason why it should not work.
> > >
> > > Sharad
> > >
> > > "Jimbo" <(E-Mail Removed)> wrote in message
> > > news:%(E-Mail Removed)...
> > > > HI Sharad,
> > > >
> > > >
> > > > > 1. The ISP gives dynamic IP, but your router is already
> > > > > configured so that, from the server NIC you can claim a static IP
> from
> > > the
> > > > > router.
> > > >
> > > > Correct. HOwever, DHCP is set through windoes server 2003 as
> > > recceomended.
> > > >
> > > >
> > > > > 2. You want now to use two NICs, one connected to router and one
for
> > > LAN,
> > > > > where all clients will be connected and will obtain IP either
> > statically
> > > > or
> > > > > through DHCP on the server
> > > > > Router will not be on this subnet.
> > > >
> > > > This is correct. Whether or not the router is on this subnet is
> unknown
> > > ot
> > > > me - as this is one of the questions I have.
> > > >
> > > >
> > > > > 3. You want all the clients have internet access.
> > > >
> > > > Correct!
> > > >
> > > > > So you need to set up either NAT or ICS (though NAT is better
choice
> > > over
> > > > > ICS)
> > > >
> > > > This is true. I would prefer NAT.
> > > >
> > > >
> > > > > Did I understand this correct, is this what you want to do? Please
> let
> > > me
> > > > > know
> > > > > and I will tell you what you need to do.
> > > >
> > > >
> > > > You understand perfectly and I appreciate your help!
> > > >
> > > > To be clear - here is how I envision the harware:
> > > >
> > > > Server NIC 1 > Router/Gateway/Firewall Combo Unit 192.168.1.1 (upnp
> > > > possible) > ISP (Cable/dynamic IP/no login required)
> > > >
> > > > Server NIC 2 > Network Switch/Hub (Hub also connects to the client
> PC's)
> > > >
> > > > Client PC's get DHCP/DNS from Server .
> > > >
> > > > Sound correct?
> > > >
> > > > So how do I accomplish this? My only attempt had me scratching my
> head,
> > > as
> > > > the router was not detected as it is when I configure using only one
> > card.
> > > > (this is useful as SBS 2003 has a great wizard - CEICW - for
> configuring
> > > the
> > > > network and firwall settings. It works flawlessly, but needs to
> connect
> > > to
> > > > the router via upnp)
> > > >
> > > > JS
> > > >
> > > >
> > > >
> > > > > > I posted this already in the SBS NG, but wanted to ask here as
> well.
> > > > > >
> > > > > > We have Win Server 2003 SBS Edition (premium) running with one
NIC
> > > which
> > > > > > connects to our router/gateway. The NIC IP is in the
192.168.1.x
> > > range,
> > > > > as
> > > > > > our router is the standard Linksys 192.168.1.1 . Our ISP is
> > cable -
> > > > and
> > > > > > the IP is dynamic. Router/gateway handles this for us. This
> works
> > > > great,
> > > > > > but 2 NIC's would allow us to use things such as ISA, which
> > interests
> > > > us.
> > > > > >
> > > > > > We would like to move this to 2 NIC's - one connected to the
> > > > > router/gateway
> > > > > > combo for internet access and the current NIC connected to a
> switch
> > > for
> > > > > the
> > > > > > LAN.
> > > > > >
> > > > > > What IP configs must change for this to work?
> > > > > >
> > > > > > Specifically, how do we configure the new NIC and does the old
one
> > > have
> > > > to
> > > > > > altered?
> > > > > >
> > > > > > Will the new NIC be able to use the router uPnP features of the
> > router
> > > > to
> > > > > > configure it? (SBS has a very good config wizard to set this all
> > up).
> > > > > >
> > > > > > We tried it last night and were rather unsuccessful in getting
the
> > > > second
> > > > > > card to work properly through the router. IT didn't detect the
> uPnP
> > > > > option.
> > > > > >
> > > > > > Bypass the router and use only the NIC in the server for the WAN
> and
> > > it
> > > > > was
> > > > > > great.
> > > > > >
> > > > > > We'd like the extra level of protection however that the
> > > router/gateway
> > > > > > offers.
> > > > > >
> > > > > > J
> > > > > >
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
>

HI Sharad,

This worked first try as you suggested. Bravo!

Many thanks, I appreciate your help greatly,

JS


"sharad" <(E-Mail Removed)> wrote in message
news:%(E-Mail Removed)...
> Hi Jimbo. OK , so there already on seperate hubs / switches..
> This is what is required. Now you can go ahead and configure
> as I told.
>
> Sharad
>
> "Jimbo" <(E-Mail Removed)> wrote in message
> news:%(E-Mail Removed)...
> > Hi Sharad,
> >
> > This is great, thank you so much.
> >
> > One question about the router/gateway however: The Cable modem hooks
into
> > its WAN port and the NIC on the server hooks to an autosensing,switched
> port
> > of the same unit. Does this not achieve what you suggest? Was I not
> clear
> > on this before? Sorry! Because I admit to still being a bit confused
> about
> > the comment you made regarding crossover cables and such.
> >
> > The second server NIC and client PC's are on a separate hub/switch
> >
> > JS
> >
> >
> > "sharad" <(E-Mail Removed)> wrote in message
> > news:(E-Mail Removed)...
> > > OK, here you go..
> > >
> > > Router is not on the local subnet.. means, the router
> > > cable is not coming on the same network switch / hub to wich the
> > > local NIC is connected. This will create a problem so either
> > > use seperate hubs / network switch for the internet and local NICs
> > > or , from internet NIC to the router have a cross-over cable.
> > >
> > > So the set up you need to do is as under.
> > >
> > > 1. Internet NIC (to be connected to router) .. TCP/IP settings:
> > > Static IP : 192.168.1.1
> > > Default GateWay: IP address of the router
> > > Preffered DNS server: Either the DNS server of the ISP OR
> > > if your server is also a DNS server and is all set to handle external
> > > querries (either through root hints or through forwarder) you can also
> > > give the IP of your server.
> > > Subnet mask: Same subnet mask as your router uses.
> > >
> > > 2. Local NIC (for clients).. TCP/IP settings:
> > > Static IP: 192.168.0.1
> > > Default GateWay: None .. Leave it Blank
> > > Preffered DNS .. Local IP address of your Server.i.e. 192.168.0.1 if
> it's
> > > also a DNS Server
> > > (and if it is also an AD, then it must be set to 192.168.0.1)
> > > Subnet Mask: 255.255.255.0
> > >
> > > 3. In Netwrok Connection Properties Click on Advance Menu and Select
> > > Advanced Settings. There ensure that in adapter binding, the Local NIC
> is
> > > at top, if not move it to the top.
> > >
> > > 4. NAT Configuration:
> > >
> > > Internet NIC - To be configured as Proxy (Querier). for this
> > > Start Remote Access & Routing..
> > > Expand IP Routing, Select IGMP
> > >
> > > On right site Ineternet NIC and Local NIC will be listed.
> > > Right click on Internet NIC (which has IP 192.168.1.1),
> > > select properties, and set it as IGMP Proxy.
> > >
> > > Local NIC - To be configured as Router.. for this
> > > same procedure as above, set it as IGMP Router.
> > > (Thus for clients connecting to your win2K3 server on Local NIC
> > > 192.168.0.1 becomes the router.)
> > >
> > > 5. Static Route:
> > > Static Route is to be set for Internet NIC (having IP 192.168.1.1)
> > > The static route must be set as
> > > Destination : 0.0.0.0
> > > Network Mask: 0.0.0.0
> > > (both above set to zeros, so the translation is allowed
> > > for all outgoing traffic.)
> > > Gateway: IP address of the router
> > >
> > > While setting the static route, please ensure that it shows interface
as
> > > Internet NIC
> > > then click OK.
> > >
> > > 6. DHCP: DHCP must be bound to Local NIC (OR Internet NIC & Local
NIC
> > Both
> > > both, but binding
> > > to Internet NIC is not as such necessary. Be sure that you have
> authorised
> > > the DHCP Server after it is set up.)
> > >
> > > In DHCP Option, you can set Router, to 192.168.0.1 (and NOT the
router
> IP
> > > address)
> > > For all clients set Default GateWay to 192.168.0.1
> > >
> > > You may better set, Router 192.168.0.1 in DHCP Options and
> > > also set DHCP options for DNS Servers and enter the preffered,
secondary
> > and
> > > other DNS servers there.
> > >
> > > 7. Clients TCP/IP settings:
> > > Obtain IP automatically and do not enter any Default GateWay and DNS
> > servers
> > > if you set the router and DNS servers in DHCP Options.
> > > If not set these DHCP options, then give default gateway 192.168.0.1
and
> > > DNS servers -- as per your DNS servers.
> > >
> > > With these settings I don't see a reason why it should not work.
> > >
> > > Sharad
> > >
> > > "Jimbo" <(E-Mail Removed)> wrote in message
> > > news:%(E-Mail Removed)...
> > > > HI Sharad,
> > > >
> > > >
> > > > > 1. The ISP gives dynamic IP, but your router is already
> > > > > configured so that, from the server NIC you can claim a static IP
> from
> > > the
> > > > > router.
> > > >
> > > > Correct. HOwever, DHCP is set through windoes server 2003 as
> > > recceomended.
> > > >
> > > >
> > > > > 2. You want now to use two NICs, one connected to router and one
for
> > > LAN,
> > > > > where all clients will be connected and will obtain IP either
> > statically
> > > > or
> > > > > through DHCP on the server
> > > > > Router will not be on this subnet.
> > > >
> > > > This is correct. Whether or not the router is on this subnet is
> unknown
> > > ot
> > > > me - as this is one of the questions I have.
> > > >
> > > >
> > > > > 3. You want all the clients have internet access.
> > > >
> > > > Correct!
> > > >
> > > > > So you need to set up either NAT or ICS (though NAT is better
choice
> > > over
> > > > > ICS)
> > > >
> > > > This is true. I would prefer NAT.
> > > >
> > > >
> > > > > Did I understand this correct, is this what you want to do? Please
> let
> > > me
> > > > > know
> > > > > and I will tell you what you need to do.
> > > >
> > > >
> > > > You understand perfectly and I appreciate your help!
> > > >
> > > > To be clear - here is how I envision the harware:
> > > >
> > > > Server NIC 1 > Router/Gateway/Firewall Combo Unit 192.168.1.1 (upnp
> > > > possible) > ISP (Cable/dynamic IP/no login required)
> > > >
> > > > Server NIC 2 > Network Switch/Hub (Hub also connects to the client
> PC's)
> > > >
> > > > Client PC's get DHCP/DNS from Server .
> > > >
> > > > Sound correct?
> > > >
> > > > So how do I accomplish this? My only attempt had me scratching my
> head,
> > > as
> > > > the router was not detected as it is when I configure using only one
> > card.
> > > > (this is useful as SBS 2003 has a great wizard - CEICW - for
> configuring
> > > the
> > > > network and firwall settings. It works flawlessly, but needs to
> connect
> > > to
> > > > the router via upnp)
> > > >
> > > > JS
> > > >
> > > >
> > > >
> > > > > > I posted this already in the SBS NG, but wanted to ask here as
> well.
> > > > > >
> > > > > > We have Win Server 2003 SBS Edition (premium) running with one
NIC
> > > which
> > > > > > connects to our router/gateway. The NIC IP is in the
192.168.1.x
> > > range,
> > > > > as
> > > > > > our router is the standard Linksys 192.168.1.1 . Our ISP is
> > cable -
> > > > and
> > > > > > the IP is dynamic. Router/gateway handles this for us. This
> works
> > > > great,
> > > > > > but 2 NIC's would allow us to use things such as ISA, which
> > interests
> > > > us.
> > > > > >
> > > > > > We would like to move this to 2 NIC's - one connected to the
> > > > > router/gateway
> > > > > > combo for internet access and the current NIC connected to a
> switch
> > > for
> > > > > the
> > > > > > LAN.
> > > > > >
> > > > > > What IP configs must change for this to work?
> > > > > >
> > > > > > Specifically, how do we configure the new NIC and does the old
one
> > > have
> > > > to
> > > > > > altered?
> > > > > >
> > > > > > Will the new NIC be able to use the router uPnP features of the
> > router
> > > > to
> > > > > > configure it? (SBS has a very good config wizard to set this all
> > up).
> > > > > >
> > > > > > We tried it last night and were rather unsuccessful in getting
the
> > > > second
> > > > > > card to work properly through the router. IT didn't detect the
> uPnP
> > > > > option.
> > > > > >
> > > > > > Bypass the router and use only the NIC in the server for the WAN
> and
> > > it
> > > > > was
> > > > > > great.
> > > > > >
> > > > > > We'd like the extra level of protection however that the
> > > router/gateway
> > > > > > offers.
> > > > > >
> > > > > > J
> > > > > >
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
>

Glad to know Jimbo.
You said, you need an extra level of protection than the router offers. With
the set you did just now, your LAN will not be behind two layers firewalls
...(I believe Linksys has in buit firewall).
You must have chosen the option.. Enable Basic Firewall
on the internet NIC? If not, do it.
Since you didn't mention and also your SIP IP is dynamic, I belive that you
do not
have any serverices on the SBS server for which you have to give access
from the internet, so I guess you need not open any port on the firewall.

Sharad

"Jimbo" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> HI Sharad,
>
> This worked first try as you suggested. Bravo!
>
> Many thanks, I appreciate your help greatly,
>
> JS
>
>
> "sharad" <(E-Mail Removed)> wrote in message
> news:%(E-Mail Removed)...
> > Hi Jimbo. OK , so there already on seperate hubs / switches..
> > This is what is required. Now you can go ahead and configure
> > as I told.
> >
> > Sharad
> >
> > "Jimbo" <(E-Mail Removed)> wrote in message
> > news:%(E-Mail Removed)...
> > > Hi Sharad,
> > >
> > > This is great, thank you so much.
> > >
> > > One question about the router/gateway however: The Cable modem hooks
> into
> > > its WAN port and the NIC on the server hooks to an
autosensing,switched
> > port
> > > of the same unit. Does this not achieve what you suggest? Was I not
> > clear
> > > on this before? Sorry! Because I admit to still being a bit confused
> > about
> > > the comment you made regarding crossover cables and such.
> > >
> > > The second server NIC and client PC's are on a separate hub/switch
> > >
> > > JS
> > >
> > >
> > > "sharad" <(E-Mail Removed)> wrote in message
> > > news:(E-Mail Removed)...
> > > > OK, here you go..
> > > >
> > > > Router is not on the local subnet.. means, the router
> > > > cable is not coming on the same network switch / hub to wich the
> > > > local NIC is connected. This will create a problem so either
> > > > use seperate hubs / network switch for the internet and local NICs
> > > > or , from internet NIC to the router have a cross-over cable.
> > > >
> > > > So the set up you need to do is as under.
> > > >
> > > > 1. Internet NIC (to be connected to router) .. TCP/IP settings:
> > > > Static IP : 192.168.1.1
> > > > Default GateWay: IP address of the router
> > > > Preffered DNS server: Either the DNS server of the ISP OR
> > > > if your server is also a DNS server and is all set to handle
external
> > > > querries (either through root hints or through forwarder) you can
also
> > > > give the IP of your server.
> > > > Subnet mask: Same subnet mask as your router uses.
> > > >
> > > > 2. Local NIC (for clients).. TCP/IP settings:
> > > > Static IP: 192.168.0.1
> > > > Default GateWay: None .. Leave it Blank
> > > > Preffered DNS .. Local IP address of your Server.i.e. 192.168.0.1
if
> > it's
> > > > also a DNS Server
> > > > (and if it is also an AD, then it must be set to 192.168.0.1)
> > > > Subnet Mask: 255.255.255.0
> > > >
> > > > 3. In Netwrok Connection Properties Click on Advance Menu and Select
> > > > Advanced Settings. There ensure that in adapter binding, the Local
NIC
> > is
> > > > at top, if not move it to the top.
> > > >
> > > > 4. NAT Configuration:
> > > >
> > > > Internet NIC - To be configured as Proxy (Querier). for this
> > > > Start Remote Access & Routing..
> > > > Expand IP Routing, Select IGMP
> > > >
> > > > On right site Ineternet NIC and Local NIC will be listed.
> > > > Right click on Internet NIC (which has IP 192.168.1.1),
> > > > select properties, and set it as IGMP Proxy.
> > > >
> > > > Local NIC - To be configured as Router.. for this
> > > > same procedure as above, set it as IGMP Router.
> > > > (Thus for clients connecting to your win2K3 server on Local NIC
> > > > 192.168.0.1 becomes the router.)
> > > >
> > > > 5. Static Route:
> > > > Static Route is to be set for Internet NIC (having IP 192.168.1.1)
> > > > The static route must be set as
> > > > Destination : 0.0.0.0
> > > > Network Mask: 0.0.0.0
> > > > (both above set to zeros, so the translation is allowed
> > > > for all outgoing traffic.)
> > > > Gateway: IP address of the router
> > > >
> > > > While setting the static route, please ensure that it shows
interface
> as
> > > > Internet NIC
> > > > then click OK.
> > > >
> > > > 6. DHCP: DHCP must be bound to Local NIC (OR Internet NIC & Local
> NIC
> > > Both
> > > > both, but binding
> > > > to Internet NIC is not as such necessary. Be sure that you have
> > authorised
> > > > the DHCP Server after it is set up.)
> > > >
> > > > In DHCP Option, you can set Router, to 192.168.0.1 (and NOT the
> router
> > IP
> > > > address)
> > > > For all clients set Default GateWay to 192.168.0.1
> > > >
> > > > You may better set, Router 192.168.0.1 in DHCP Options and
> > > > also set DHCP options for DNS Servers and enter the preffered,
> secondary
> > > and
> > > > other DNS servers there.
> > > >
> > > > 7. Clients TCP/IP settings:
> > > > Obtain IP automatically and do not enter any Default GateWay and DNS
> > > servers
> > > > if you set the router and DNS servers in DHCP Options.
> > > > If not set these DHCP options, then give default gateway 192.168.0.1
> and
> > > > DNS servers -- as per your DNS servers.
> > > >
> > > > With these settings I don't see a reason why it should not work.
> > > >
> > > > Sharad
> > > >
> > > > "Jimbo" <(E-Mail Removed)> wrote in message
> > > > news:%(E-Mail Removed)...
> > > > > HI Sharad,
> > > > >
> > > > >
> > > > > > 1. The ISP gives dynamic IP, but your router is already
> > > > > > configured so that, from the server NIC you can claim a static
IP
> > from
> > > > the
> > > > > > router.
> > > > >
> > > > > Correct. HOwever, DHCP is set through windoes server 2003 as
> > > > recceomended.
> > > > >
> > > > >
> > > > > > 2. You want now to use two NICs, one connected to router and one
> for
> > > > LAN,
> > > > > > where all clients will be connected and will obtain IP either
> > > statically
> > > > > or
> > > > > > through DHCP on the server
> > > > > > Router will not be on this subnet.
> > > > >
> > > > > This is correct. Whether or not the router is on this subnet is
> > unknown
> > > > ot
> > > > > me - as this is one of the questions I have.
> > > > >
> > > > >
> > > > > > 3. You want all the clients have internet access.
> > > > >
> > > > > Correct!
> > > > >
> > > > > > So you need to set up either NAT or ICS (though NAT is better
> choice
> > > > over
> > > > > > ICS)
> > > > >
> > > > > This is true. I would prefer NAT.
> > > > >
> > > > >
> > > > > > Did I understand this correct, is this what you want to do?
Please
> > let
> > > > me
> > > > > > know
> > > > > > and I will tell you what you need to do.
> > > > >
> > > > >
> > > > > You understand perfectly and I appreciate your help!
> > > > >
> > > > > To be clear - here is how I envision the harware:
> > > > >
> > > > > Server NIC 1 > Router/Gateway/Firewall Combo Unit 192.168.1.1
(upnp
> > > > > possible) > ISP (Cable/dynamic IP/no login required)
> > > > >
> > > > > Server NIC 2 > Network Switch/Hub (Hub also connects to the client
> > PC's)
> > > > >
> > > > > Client PC's get DHCP/DNS from Server .
> > > > >
> > > > > Sound correct?
> > > > >
> > > > > So how do I accomplish this? My only attempt had me scratching my
> > head,
> > > > as
> > > > > the router was not detected as it is when I configure using only
one
> > > card.
> > > > > (this is useful as SBS 2003 has a great wizard - CEICW - for
> > configuring
> > > > the
> > > > > network and firwall settings. It works flawlessly, but needs to
> > connect
> > > > to
> > > > > the router via upnp)
> > > > >
> > > > > JS
> > > > >
> > > > >
> > > > >
> > > > > > > I posted this already in the SBS NG, but wanted to ask here as
> > well.
> > > > > > >
> > > > > > > We have Win Server 2003 SBS Edition (premium) running with one
> NIC
> > > > which
> > > > > > > connects to our router/gateway. The NIC IP is in the
> 192.168.1.x
> > > > range,
> > > > > > as
> > > > > > > our router is the standard Linksys 192.168.1.1 . Our ISP is
> > > cable -
> > > > > and
> > > > > > > the IP is dynamic. Router/gateway handles this for us. This
> > works
> > > > > great,
> > > > > > > but 2 NIC's would allow us to use things such as ISA, which
> > > interests
> > > > > us.
> > > > > > >
> > > > > > > We would like to move this to 2 NIC's - one connected to the
> > > > > > router/gateway
> > > > > > > combo for internet access and the current NIC connected to a
> > switch
> > > > for
> > > > > > the
> > > > > > > LAN.
> > > > > > >
> > > > > > > What IP configs must change for this to work?
> > > > > > >
> > > > > > > Specifically, how do we configure the new NIC and does the old
> one
> > > > have
> > > > > to
> > > > > > > altered?
> > > > > > >
> > > > > > > Will the new NIC be able to use the router uPnP features of
the
> > > router
> > > > > to
> > > > > > > configure it? (SBS has a very good config wizard to set this
all
> > > up).
> > > > > > >
> > > > > > > We tried it last night and were rather unsuccessful in getting
> the
> > > > > second
> > > > > > > card to work properly through the router. IT didn't detect
the
> > uPnP
> > > > > > option.
> > > > > > >
> > > > > > > Bypass the router and use only the NIC in the server for the
WAN
> > and
> > > > it
> > > > > > was
> > > > > > > great.
> > > > > > >
> > > > > > > We'd like the extra level of protection however that the
> > > > router/gateway
> > > > > > > offers.
> > > > > > >
> > > > > > > J
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
>