Feasible server configuration?

  • Thread starter Thread starter Captain Blammo
  • Start date Start date
C

Captain Blammo

I've got a machine running Win2k server, and had a few plans for it. I'd
greatly appreciate any feedback on how realistic my goals are.

It has 2 NIC's in it and is the domain controller (Running DNS and WINS
servers). I wanted to have one NIC attached to a hub or switch with a few
machines connected, to which it will serve files using standard shares. The
other NIC I wanted to be hooked up to a wireless access point/broadband
router combo.

I was rather hoping that it would provide net access to the machines
directly connected to it, and also allow users to connect to the domain via
IPsec if they are using wireless or if they are at a remote location in
order to securely access shares on the server. The wireless IPsec
connections will need net access too.

Is this even possible? I've got a domain set up and some
users/groups/permissions defined, but am a bit stuck now. I get the
impression that I may need multiple machines for this task, but can really
only spare the one. Any hints at what I could try would be greatly
appreciated, as I'm fairly new to all of this.

Thanks!

Ewan
 
Bad idea for the 2 nic config. Hang the WAP off the router, and plug the
server into the ports in the back of the router. you dont want to have lots
of interfaces with different IP's on WINS and AD boxes, as it can create
serious problems with address referrals when some applications query the
directory.

Its best to keep your DC and WINS boxes configured with a single IP address
(beit with 1 interface, or a teamed interface).

NuTs
 
Bad idea for the 2 nic config. Hang the WAP off the router, and plug the
server into the ports in the back of the router. you dont want to have lots
of interfaces with different IP's on WINS and AD boxes, as it can create
serious problems with address referrals when some applications query the
directory.
Click to expand...

If the server only has 1 NIC, I'll have to plug the rest of the network
right into the wireless/router combo, which means it will become accessible
via the non-secure wireless connections (I dont trust WEP). I can't think of
any way to force the wireless users to connect via VPN or not at all with
this configuration (though they still get web access, which is nice. Until
WEP comes on). Is it a bad idea to just make the whole network use
IPsec/L2TP, even locally? That would fix things.
Its best to keep your DC and WINS boxes configured with a single IP address
(beit with 1 interface, or a teamed interface).
Click to expand...

True enough I suppose. Thanks for the advice!

Ewan
 
Back
Top