Creating 2nd DHCP scope

[Guest]

We a company leasing out part of our building and we have allowed them to use
our ISP and network to hook up their Voice/IP phones and workstations to. I
want to separate them on a completely different scope on my DHCP server
however.

What are the correct steps in doing this? I've never created a 2nd scope
before. Currently I have our DHCP server running on Windows 2000 using the
class-A IP standard of 10.20.0.x. I've tried reading through a lot of
different posts on here (technet) and links on google about doing this and
have read so many different things. I need an honest, to the point, easy
guide to follow. Basically written in crayola. Also, I'll need to
know/understand how to tell this other company's Voice/IP phones and
workstations to read from the 2nd scope once its setup.

Can I just setup a new scope using 10.20.2.x? Do I need to configure my
CISCO router with 10.20.2.1 so they can get the internet once they're leasing
ou the new scope? Is there a resource link that shows the breakdown of a
given number of IP's along with the subnets that needs to be used with it?

Please help, anyone.
Thanks

 

[Guest]

You will have to put a 2nd NIC in your server and assign it an address on 2nd
subnet so that address can be handed out from your 2nd scope.

 

[Phillip Windell]

Create the Scope in the normal way. Configure the LAN Router to forward DHCP
Queries to the DHCP Server.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp

 

[Sole Viktor]

Remember you need to seperate the actual networks, just making a second dhcp
scope isnt enough, if both companies are all plugged into the same switch,
using seperate ip adresses wont help you much, not to mention, you wont be
able to distinguish between the two.

so seperate the two networks, use your router to connect them, and the
internet, if possible use a firewall between the two networks, they come
dirt cheap as hardware based firewalls, suggest plaing their network in a
dmz.

example

yournetwork-switches-cisco router
theirnetwork-switches-cisco router
internet-cisco router

second option

yournetwork-hardwarefirewall(LAN port)
theirnetwork-hardwarefirewall(DMZ port)
internet-hardwarefirewall(WAN port)


Now as Philip said, configure your cisco to relay dhcp messages to your dhcp
server, if this is not possible, setup a dhcp relay agent on one of the
windows clients in "their" network to relay to your server.


--
Regards Sole Viktor, MCSE
sole(a)sole.dk

Create the Scope in the normal way. Configure the LAN Router to forward
DHCP
Queries to the DHCP Server.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp
-----------------------------------------------------

We a company leasing out part of our building and we have allowed them to use
our ISP and network to hook up their Voice/IP phones and workstations to. I
want to separate them on a completely different scope on my DHCP server
however.

What are the correct steps in doing this? I've never created a 2nd scope
before. Currently I have our DHCP server running on Windows 2000 using
the
class-A IP standard of 10.20.0.x. I've tried reading through a lot of
different posts on here (technet) and links on google about doing this
and
have read so many different things. I need an honest, to the point, easy
guide to follow. Basically written in crayola. Also, I'll need to
know/understand how to tell this other company's Voice/IP phones and
workstations to read from the 2nd scope once its setup.

Can I just setup a new scope using 10.20.2.x? Do I need to configure my
CISCO router with 10.20.2.1 so they can get the internet once they're leasing
ou the new scope? Is there a resource link that shows the breakdown of a
given number of IP's along with the subnets that needs to be used with
it?

Please help, anyone.
Thanks

 

[Phillip Windell]

Remember you need to seperate the actual networks, just making a second dhcp
scope isnt enough, if both companies are all plugged into the same switch,
using seperate ip adresses wont help you much, not to mention, you wont be
able to distinguish between the two.

so seperate the two networks, use your router to connect them, and the
internet, if possible use a firewall between the two networks, they come
dirt cheap as hardware based firewalls, suggest plaing their network in a
dmz.

Yes,..I assumed he already has the physical topology either designed or
knows how to design it. However a Firewall in between will not work, it
needs to be a LAN Router. The type of "forwarding" done by firewalls (aka
Static NAT) is not the same as the type of DHCP Relaying that is done by LAN
Routers which the DHCP Server will require.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp
-----------------------------------------------------

 

[Sole Viktor]

True

--
Regards Sole Viktor, MCSE
sole(a)sole.dk

Remember you need to seperate the actual networks, just making a second dhcp
scope isnt enough, if both companies are all plugged into the same
switch,
using seperate ip adresses wont help you much, not to mention, you wont
be
able to distinguish between the two.

so seperate the two networks, use your router to connect them, and the
internet, if possible use a firewall between the two networks, they come
dirt cheap as hardware based firewalls, suggest plaing their network in a
dmz.

Yes,..I assumed he already has the physical topology either designed or
knows how to design it. However a Firewall in between will not work, it
needs to be a LAN Router. The type of "forwarding" done by firewalls (aka
Static NAT) is not the same as the type of DHCP Relaying that is done by
LAN
Routers which the DHCP Server will require.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp