I am setting up a network at home for study and experience and I was wondering if I am going about this right. I am looking to have a setup that uses a cable internet connection running to a router. A W2K server will be the PDC and will have two NICs. The first NIC will be running a line to the router, and the second will have a crossover cable running to a switch. Now with this setup I want to have a Pro cpu connected to the switch, and able to join the domain once I have it all setup. Now I am also going to have a wireless router connected to the switch as well. I am hoping to use the server's DHCP, and the DNS which is necessary for Active Directory.
Ok, bare with me here I know this is a long post. I really need to know a few things befoire moving forward. One, does my setup look like it will work. Two, will I need to use ICS to get the Pro machines in the domain connected to the internet? Three, can I setup the DHCP scope to be assigned to just to my server's secondary NIC? In other words can I keep the NIC that is connecting to the Router statically assigned to 192.168.0.2? Any help would be greatly appreciated! Thanks in Advance!
Seems like your getting ready to create quite an interesting network there!
While your bound to hit into problems, we can nail them as they start appearing, but for now, lets take a look at your 3 questions:
1) It sort of seems logical, I can't see anything there that might not work, but then again, its 1 am here in Greece so I might be wrong:)
2) Since your Windows 2K will be connected to your router it will need to somehow "route" packets to the rest of the network, this is done by initialising ICS on the nic that connected to the router.
3) There is a small conflict here that needs to be mentioned.
Once you enable ICS on the public network card of you Win2k machine (thats the one connected to the router), the 2nd network card, which is the one installed in the Win2k server and connected to the switch, will automatically be assigned the 192.168.0.1 IP Address.
Now, because you don't want any routing problems, you can either change the 192.168.0.1 address assigned to the Private NIC to something else, or leave it that way and change the Public NIC (the one that connects to the router) IP Address to something different, e.g 192.168.1.0.
The DHCP server can be configured to only hand out IP Addresses to one of the two networks the Win2k server will be attached to, so you don;t have to worry about your router recieving DHCP requests and changing its IP Address.
Here Is the diagram I'm picturing in my head:
PC1 and 2 connect to your switch.
Also, I should note to you that you will most certainly not require any X-over cable between the switch and the Win2k Private NIC. You might though need it between the Win2k Public NIC and the router, unless your router has a "uplink" switch.
I am going to be trying this network setup sometime within the next two days, and I will let you know the outcome. I do have another question though. Would I be playing with fire if I were to have my internet connection going directly to my Server? I know it's W2K, so yeah, I am aware that this could be trouble, but if I stay up to date with security installs, firewall, and antivirus software would I still be percieved as nuts? I am really interested in firewalls and I do have a copy of ISA firewall standard. Either way let me know. Thanks again!
Yes... you are surely nuts if you expose an Windows machine directly to the Internet ... but hey ...its a nutty world so what the heck
Seriously, if you want to check out ISA server, just stick it on there and connect it, but make sure you don't leave it permanently like that. Also, make sure that you install a 3rd party firewall, something like Zone alarm, to monitor the system.
Everyone knows that any windows system, no matter what firewall software its got installed, is a bomb waiting to explode, so keep that inmind.
Lastly, make sure you have no sensitive data on that machine, and disconnect it from your internal switch if your leaving the house... you don't want someone browsing your private lan while your out having some fun!
Well it started out well enough, but ultimately my first attempt to setup the network failed. I think the biggest problem was that I could not even ping the my server's secondary NIC from one of my PC's that were connected to the switch. Here is a quick outline of the setup.
1. Setup the network like so.
2. I have no idea why I couldn't reach the secondary NIC from the PC1 machine that was connecte to the switch switch. All connections made using CAT5 cable that was store bought. Anything I might have missed in this config?
Both server NICs were assigned static IP addresses. DHCP was bound to the secondary NIC and I was using a normal scope.
Not sure why you are unable to see the 2nd NIC, unless ICS is not set up correctly. Would like to see your IPconfig on all the machines to see if there is anything obvious there. I would also turn off DHCP, temporarily and set the 2nd NIC to a static address - just to test to see if you can see it. If you can, you have a DHCP issue. If not, it could be various other issues.