General discussion

Locked

Adding Wireless Router to SBS Network

By rdavis ·
I am trying to set-up MS Small Business Server 2003 for the first time and am trying to determine the best way to add a wireless connection to the server.

I have a server with 2 NIC cards, 3 clients (2 XP Pro Desktops with ethernet and 1 XP Pro Laptop with wireless) and a Linksys 4-port 802.11g router. I am connecting to the Internet through a home-based AT&T DSL account (e.g. no static IP address).

Is the best topography ? 1) External NIC to DSL Modem to the Internet and 2) Internal NIC to Linksys Router/Swicth to Client computers?

If I use this configuration, do I have to turn-off DHCP functionality of Linksys router?

FYI during SBS install I left one NIC unplugged and plugged the other NIC into an empty hub, so that SBS would see a network connection and not conflict with DHCP on the Linksys router.

Finally, given that I have a dynamic IP through my DSL provider, does anyone recommend a service like No-IP.com to get a static IP?

Thanks in advance - rtd

This conversation is currently closed to new comments.

4 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by StealthWiFi In reply to Adding Wireless Router to ...

I am currently working for a business that wants something very similar to what you are describing, my initial design was to set up the server as the DHCP and set the *linksys* router to be a router not a gateway (chage settings in router) Then the clients connect to the server through the router just as if it was hardlined wiht a switch. Easiest was is to plug the Cat5 (I am assuming you are using Cat5) cabeling from the DSL/Cable modem into ur server's Nic, then the Cat5 from the Router to the other Nic. This way the clients get internet acces through the DHCP ( DNS Stub Zone is nifty on server 2003 R2) and configuring the WAN (internet) for your Exchange server is easy. Also using the router if you have your server also set up as a file server you can Wirelessly access ur fileserv which is Nifty. The problum you might run into is Security. Unless you are very professional or have nothing to lose on your server then don't hook it up to the router, use a seprate switch then the wireless. For your wireless security go as tight as you can, use WPA-PSK with a shared key (if your router supports it) enable MAC filtering and filter the MAC's on your server as well. If you have a LAN party or new clients join then it is a few keystrokes to add there MAC's and much more secure. I will be testing this out over the weekend and will keep you posted with my security configuration as well.
Hope This Helps,
-StealthWiFi-

Collapse -

by curlergirl In reply to Adding Wireless Router to ...

I completely disagree with the previous answer, so you'll have to judge.

THE ONLY WAY I would recommend using the 2-NIC (1 private, 1 public) configuration in a server is if that server is also running a firewall such as Microsoft ISA Server. Without it, your server, by virtue of having a public Internet connection, is not protected at all from all the bad stuff (viruses, trojans, worms, exploits, etc.). In your case, unless you have SBS 2003 Premium Edition, you don't have ISA on your server. Therefore, the only way to protect your server is to put it behind the Linksys router, which affords you some protection (quite a bit actually) by virtue of using NAT.

The best configuration, which protects your server by putting it behind your NAT router/firewall is:

1. Single NIC in the server with a private IP address (static).
2. Use the server's DHCP capabilities; turn off the DHCP server on the Linksys router.
3. Plug the DSL modem into the WAN link on the router.
4. Connect the server and each hard-wired workstation to the switch/hub on the router.
5. Configure the router's LAN connection with a static IP address on the private subnet.
6. Configure the router WAN connection according to your ISP's requirements - you will probably need to put in your user ID/password for your DSL account on the router.
7. You may have to configure some port forwarding on the router if you have an internal web site, are hosting your own email, etc. Probably not in your case, since you have a dynamic IP address.

(See continuation below)

Collapse -

by curlergirl In reply to

8. Configure the wireless access on the router to require MAC address authentication and to use WAP encryption. This will ensure that only the computers you authorize (by putting in their MAC addresses on the router and by providing the WAP key phrase on the laptop) will be able to use your wireless network.

I don't have any experience with the services you mentioned like No-IP.com. I've always required my clients to ante up for a static public IP address. Maybe someone else has some advice on that.

BTW, if you do this and are using OWA/Remote Web Workplace, you will need to configure the router port forwarding to forward ports 80 (OWA) and 43 (SSL); and 444, 3389 and 4125 (RWW) to your server's private IP address.

Hope this helps!

Collapse -

by CG IT In reply to Adding Wireless Router to ...

curlergirl has most everything right but I disagree with the single NIC configuration with SBS provided that there is a perimeter firewall on the WAN link that does NAT. There are some reasons for this. First one is Remote Access. On SBS 2003 Standard Edition, if you have remote clients which wish to gain access via VPN, you need RRAS configured. With 2 NICs, all WAN gets forwarded to SBS RRAS for authentication to the domain.

Back to Networks Forum
4 total posts (Page 1 of 1)  

Related Discussions

Related Forums