Questions

Built a new server

Tags:
+
0 Votes
Locked

Built a new server

mdphoenix
So I got a new server from Dell, the OS is installed, and I want to start testing somet things. I had asked a question earlier last week, but the answers I got weren't helping me out. So I'll try to rephrase it here.

I want to have this server conneced to my LAN but not be able to see the other computers. I want to some how be able to connect it to my LAN but have it act as if it were on it's own broadband connection. Does this make sense? Maybe I'm not explaining it properly? I thought I needed to create a VLAN, but I don't know how. I have a VLAN capable switch.. but I don't know if I need something else.
  • +
    0 Votes
    Timbrewolf

    Do you want other computers to see the server, but the server can't see other computers? Or did you just want that server locked down so it doesn't have access to other computer. In that case, do you just want it connected to your LAN for Internet access?

    It sounds like a VLAN would be the best plan, but depending on how you have your network setup (Domain, etc.) you may just be able to setup policies to not allow it to access other systems.

    +
    0 Votes
    mdphoenix

    THAT my friend, is exactly what I want to do. I already have an active domain controller on the LAN. The new one I've configured is going to another office but I want it live on the Internet here for configuration and testing. I haven't the first clue about how to configure a VLAN though. I went through the interface on the switch, and thought I had it configged properly, but I ended up cutting everyone off. So I reset it back to defaults and here I sit....

    +
    0 Votes
    scott.andrews

    Why don't you try setting up different IP addresses with different masking. That way you can prevent your new test server from seeing the rest of the network?

    Or, what we've done for our test environment is setup a VMware server which can host VMs and then you can prevent the VMs from accessing the network or bridge them out to your LAN when you do need internet access for them.

    +
    0 Votes
    mdphoenix

    But I figure, I've got the capability to create a VLAN, it'll do exactly what I want. I just thought it would be easier.

    I've already started this freight train a-rollin'. If I can't get it nailed down today, subnetting it will be.

    +
    0 Votes
    DownRightTired

    So it seems what you really want to know then is how to properly set up a VLAN?

    +
    0 Votes
    mdphoenix

    Provided a VLAN will do what I need it to, yes. I mean, It's over my head, and I want to learn it. I want to learn anything I can related to my field. But most importantly right now, I want this segregated network with Internet access to work properly.

    I've read thread after thread about creating VLANs, but I'm either reading the wrong things or I'm just stupid and it's not sinking in....

    +
    0 Votes
    mdphoenix

    Since a VLAN obviously won't do what I want - I think it's because of the Layer 3 Router that's at the head of the LAN - let me explain exactly what I want to do....

    I have a 10 user network with a Windows 2000 PDC. The PDC is a Proliant.

    We also have a wireless access point which is encrypted for use by my users. We have three offices over 50 miles apart from each other, so our mobile users come and go as they please and use the WAP.

    Here?s what I WANT to do. I have a Netgear Wireless Router. I want to configure it so our clients can come in and use it freely without an encryption key, yet not have access to our LAN resources. Where the new server comes in to play is this ? The unit has been purchased for another of our offices. I want to configure it here, then move it to it?s permanent home later. While configuring it here, I don?t want it to see the current PDC, either, as I don?t want any issues with the two domains seeing each other. ? So if I can establish a ?public? segment on my LAN for clients, then I could use that for the new server as well.

    So the bottom line ? I need to create a segment of my LAN for public use with no access to company resources except the broadband connection.

    Now, instead of me saying I want a VLAN to do this, I will ask you, the experts, how I would accomplish this? Do I need a hardware appliance of some sort? There?s a spare NIC in the Proliant, can I create a segmented LAN from that? I?m open to anything? really. Once I establish this segment here, I need to do this at my other two locations as well.

    Thanks for all your help!

    +
    0 Votes
    mdphoenix

    Since a VLAN obviously won't do what I want - I think it's because of the Layer 3 Router that's at the head of the LAN - let me explain exactly what I want to do....

    I have a 10 user network with a Windows 2000 PDC. The PDC is a Proliant.

    We also have a wireless access point which is encrypted for use by my users. We have three offices over 50 miles apart from each other, so our mobile users come and go as they please and use the WAP.

    Here?s what I WANT to do. I have a Netgear Wireless Router. I want to configure it so our clients can come in and use it freely without an encryption key, yet not have access to our LAN resources. Where the new server comes in to play is this ? The unit has been purchased for another of our offices. I want to configure it here, then move it to it?s permanent home later. While configuring it here, I don?t want it to see the current PDC, either, as I don?t want any issues with the two domains seeing each other. ? So if I can establish a ?public? segment on my LAN for clients, then I could use that for the new server as well.

    So the bottom line ? I need to create a segment of my LAN for public use with no access to company resources except the broadband connection.

    Now, instead of me saying I want a VLAN to do this, I will ask you, the experts, how I would accomplish this? Do I need a hardware appliance of some sort? There?s a spare NIC in the Proliant, can I create a segmented LAN from that? I?m open to anything? really. Once I establish this segment here, I need to do this at my other two locations as well.

    Thanks for all your help!

  • +
    0 Votes
    Timbrewolf

    Do you want other computers to see the server, but the server can't see other computers? Or did you just want that server locked down so it doesn't have access to other computer. In that case, do you just want it connected to your LAN for Internet access?

    It sounds like a VLAN would be the best plan, but depending on how you have your network setup (Domain, etc.) you may just be able to setup policies to not allow it to access other systems.

    +
    0 Votes
    mdphoenix

    THAT my friend, is exactly what I want to do. I already have an active domain controller on the LAN. The new one I've configured is going to another office but I want it live on the Internet here for configuration and testing. I haven't the first clue about how to configure a VLAN though. I went through the interface on the switch, and thought I had it configged properly, but I ended up cutting everyone off. So I reset it back to defaults and here I sit....

    +
    0 Votes
    scott.andrews

    Why don't you try setting up different IP addresses with different masking. That way you can prevent your new test server from seeing the rest of the network?

    Or, what we've done for our test environment is setup a VMware server which can host VMs and then you can prevent the VMs from accessing the network or bridge them out to your LAN when you do need internet access for them.

    +
    0 Votes
    mdphoenix

    But I figure, I've got the capability to create a VLAN, it'll do exactly what I want. I just thought it would be easier.

    I've already started this freight train a-rollin'. If I can't get it nailed down today, subnetting it will be.

    +
    0 Votes
    DownRightTired

    So it seems what you really want to know then is how to properly set up a VLAN?

    +
    0 Votes
    mdphoenix

    Provided a VLAN will do what I need it to, yes. I mean, It's over my head, and I want to learn it. I want to learn anything I can related to my field. But most importantly right now, I want this segregated network with Internet access to work properly.

    I've read thread after thread about creating VLANs, but I'm either reading the wrong things or I'm just stupid and it's not sinking in....

    +
    0 Votes
    mdphoenix

    Since a VLAN obviously won't do what I want - I think it's because of the Layer 3 Router that's at the head of the LAN - let me explain exactly what I want to do....

    I have a 10 user network with a Windows 2000 PDC. The PDC is a Proliant.

    We also have a wireless access point which is encrypted for use by my users. We have three offices over 50 miles apart from each other, so our mobile users come and go as they please and use the WAP.

    Here?s what I WANT to do. I have a Netgear Wireless Router. I want to configure it so our clients can come in and use it freely without an encryption key, yet not have access to our LAN resources. Where the new server comes in to play is this ? The unit has been purchased for another of our offices. I want to configure it here, then move it to it?s permanent home later. While configuring it here, I don?t want it to see the current PDC, either, as I don?t want any issues with the two domains seeing each other. ? So if I can establish a ?public? segment on my LAN for clients, then I could use that for the new server as well.

    So the bottom line ? I need to create a segment of my LAN for public use with no access to company resources except the broadband connection.

    Now, instead of me saying I want a VLAN to do this, I will ask you, the experts, how I would accomplish this? Do I need a hardware appliance of some sort? There?s a spare NIC in the Proliant, can I create a segmented LAN from that? I?m open to anything? really. Once I establish this segment here, I need to do this at my other two locations as well.

    Thanks for all your help!

    +
    0 Votes
    mdphoenix

    Since a VLAN obviously won't do what I want - I think it's because of the Layer 3 Router that's at the head of the LAN - let me explain exactly what I want to do....

    I have a 10 user network with a Windows 2000 PDC. The PDC is a Proliant.

    We also have a wireless access point which is encrypted for use by my users. We have three offices over 50 miles apart from each other, so our mobile users come and go as they please and use the WAP.

    Here?s what I WANT to do. I have a Netgear Wireless Router. I want to configure it so our clients can come in and use it freely without an encryption key, yet not have access to our LAN resources. Where the new server comes in to play is this ? The unit has been purchased for another of our offices. I want to configure it here, then move it to it?s permanent home later. While configuring it here, I don?t want it to see the current PDC, either, as I don?t want any issues with the two domains seeing each other. ? So if I can establish a ?public? segment on my LAN for clients, then I could use that for the new server as well.

    So the bottom line ? I need to create a segment of my LAN for public use with no access to company resources except the broadband connection.

    Now, instead of me saying I want a VLAN to do this, I will ask you, the experts, how I would accomplish this? Do I need a hardware appliance of some sort? There?s a spare NIC in the Proliant, can I create a segmented LAN from that? I?m open to anything? really. Once I establish this segment here, I need to do this at my other two locations as well.

    Thanks for all your help!