Yes, that is basically what you need to do. The SBS server does not need
to perform the router function now that you have a firewall to do it. You
can run the SBS server with one NIC using the firewall as its default
gateway. You can run everything on the same segment and in the same IP
subnet. You currently have two routers between the Internet and the Exchange
server, so port forwarding isn't going to work.
I would disable the "public" NIC on the server and put all your local
machines in the same LAN using the firewall as default gateway but the DC
for DNS and DHCP. The network config doesn't need much tweaking. Manually
set the DC (and Exchange if it doesn't use DHCP) to use the firewall as its
gateway and change the DHCP scope to hand out the firewall address as the
gateway for clients. The setup would then look like this.
Internet
|
81.x.x.x
Firewall
192.168.2.254
|
DC
192.168.2.2 dg 192.168.2.254
|
Exchange
192.168.2.3 dg 192.168.2.254
|
workstations
192.168.2.x dg 192.168.2.254 (from DHCP)
"Julian" <(E-Mail Removed)> wrote in message
news:21E99A2B-8B6C-4217-AC47-(E-Mail Removed)...
> Hi Bill
>
> I guess the answer to your question is because we have just upgraded from an
> SBS everything on one server affair and didn't know any difference.
>
> The setup is:
>
> Internet router/firewall
> (external static IP address 81.xx.xx.xx)
> (internal IP address 192.168.2.254 - connected to the internet NIC on the DC)
>
> DC
> (Internal IP 192.168.0.2 / gateway 192.168.0.1)
> (Internet NIC 192.168.2.2 / gateway 192.168.2.1 - connected to the firewall above)
>
> Exchange
> (Internal IP 192.168.0.10)
>
>
> Are you then suggesting the following...
>
> Firewall/Router connected directly into the internal LAN switches
> DC connected into the same
> Exchange connected into the same
>
> The above would surely require some reconfiguration, etc.?
>
> Would the below work...
> Connect LAN2 on the Exchange server directly to the firewall/router
> This would be allocated an IP address of 192.168.2.3
> The router would then see the server and allow port forwarding to it directly.
>
> What would this do to the DC and Exchange server?
> What would need to be configured on the Exchange server?
>
> I would really rather pass the traffic through the DC to the Exchange server
> if possible as I think it would save me a load of reconfiguration?
>
> Any thoughts?
>
> Julian
>
>
>
>
>
> "Bill Grant" wrote:
>
>> The first question that comes to mind is this. Why do you have two NICs
>> in the DC if you have a separate firewall? What is the default gateway for
>> LAN2?
>>
>> Multihoming a DC is not recommended and is basically a bad idea. Is
>> there any real reason for two NICs in the DC? The problem goes away if you
>> put all machines in the same LAN connecting to the firewall.
>>
>> "Julian" <(E-Mail Removed)> wrote in message
>> news:1D3D3B08-57D6-43C3-8DAD-(E-Mail Removed)...
>> > Hi
>> >
>> > I have the following set-up... (both running W2K3 Standard)
>> >
>> > Server 1 (DC, DHCP, DNS, etc.)
>> > LAN1 - internet
>> > LAN2 - internal
>> >
>> > Server 2 (Exchange 2003 / SharePoint)
>> > LAN1 - not connected
>> > LAN2 - internal
>> >
>> >
>> > Now, Exchange works fine in sending and receiving emails, etc. so this isn't
>> > my problem. My problem is with the settings I need to change to allow server
>> > 1 to pass any requests for Outlook Web Access on port 80 and 443 directly
>> > through server 1 to server 2.
>> >
>> > All works great on the inside of the network, but not externally.
>> >
>> > Currently the firewall is set to pass all traffic to server 1 using port
>> > forwarding, but it can't see server 2 so I can't tell it to pass the traffic
>> > directly.
>> >
>> > Thanks,
>> > Julian
>>
>>
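
The addressing discussed in this thread can be checked mechanically. The script below is an added example, not part of any post above: it compares the layout as originally posted with the proposed flat layout and reports which hosts the firewall cannot port-forward to directly, which are multihomed, and which use a gateway other than the firewall. The addresses come from the thread; the /24 mask and the function and variable names are assumptions.

```python
import ipaddress

# Firewall LAN address from the thread; the /24 mask is an assumption.
FIREWALL = ipaddress.ip_interface("192.168.2.254/24")

# host -> list of (interface IP, default gateway), values as posted in the thread
BEFORE = {
    "DC": [("192.168.2.2", "192.168.2.1"), ("192.168.0.2", "192.168.0.1")],
    "Exchange": [("192.168.0.10", None)],  # gateway not stated in the thread
}
AFTER = {
    "DC": [("192.168.2.2", "192.168.2.254")],
    "Exchange": [("192.168.2.3", "192.168.2.254")],
}

def check(hosts, firewall=FIREWALL):
    """Return sorted (host, issue) pairs; an empty list means the flat design holds."""
    issues = set()
    for host, nics in hosts.items():
        if len(nics) > 1:
            issues.add((host, "multihomed"))
        # The firewall can only port-forward to an address on its own LAN segment.
        if not any(ipaddress.ip_address(ip) in firewall.network for ip, _ in nics):
            issues.add((host, "not on firewall LAN"))
        for ip, gw in nics:
            # Unknown gateways (None) are skipped rather than guessed.
            if gw is not None and ipaddress.ip_address(gw) != firewall.ip:
                issues.add((host, f"gateway {gw} is not the firewall"))
    return sorted(issues)

if __name__ == "__main__":
    for label, plan in (("before", BEFORE), ("after", AFTER)):
        print(label, check(plan) or "ok")
```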