Results 1 to 14 of 14
  1. #1
    New Lounger
    Join Date
    Feb 2014
    Posts
    7
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Setting up new network questions

    I am about to set a new network in our place.

    We're running a server with windows server 2008.

    We have 24 port switch,

    A router provided by the ISP.

    Client machines with LAN connectivity which are connected to a domain.

    We have GPO implemented.

    How is it possible to provide internet connectivity to the clients? I surfed the net to find an answer. Setting up a proxy server is the answer which i found the most.

    I am not sure how should a proxy server be set.

    How should a proxy server be implemented and configured?

    How should I connect the patch cables/ethernet cables between the router, the server, the switch so that I can provide Internet connectivity to the client machines?

    How should the static IP be assigned?

    Step by step process of the solution to my question will be really appreciable.

    TIA,

    Prasanna.R

  2. Subscribe to our Windows Secrets Newsletter - It's Free!

    Get our unique weekly Newsletter with tips and techniques, how to's and critical updates on Windows 7, Windows 8, Windows XP, Firefox, Internet Explorer, Google, etc. Join our 480,000 subscribers!

    Excel 2013: The Missing Manual

    + Get this BONUS — free!

    Get the most of Excel! Learn about new features, basics of creating a new spreadsheet and using the infamous Ribbon in the first chapter of Excel 2013: The Missing Manual - Subscribe and download Chapter 1 for free!

  3. #2
    Gold Lounger
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    3,375
    Thanks
    7
    Thanked 205 Times in 195 Posts
    The only reason for using a proxy is to restrict internet access and possibly provide a filter / virus scan on incoming traffic. This is the standard arrangement for corporate networks, but for a small office you can opt to go direct and live with everyone having full access to the internet. If you choose the direct option you need to ensure all machines, including the server, have up to date virus and malware protection - you should have these anyway - and that staff are versed in the rules of internet engagement, no porn etc.

    Do you have email on the server and how does the server access the internet to send mail?
    Do you want the proxy version and also the added cost, compexity and management, or are you happy to go direct?
    Does your ISP router allow configuration / filtering?
    Static IP addresses are not required for either method.

    cheers, Paul

  4. #3
    New Lounger
    Join Date
    Feb 2014
    Posts
    7
    Thanks
    0
    Thanked 0 Times in 0 Posts
    1) Yes, we have exchange accounts inorder to have intra communications.
    2) I just knew, Proxy has too many factors to decide. Will opt for direct access!
    3) The ISP has provided two DNS address', the clients are able to connect to the internet only when those address' are set.

    imagine there's a network with intranet connectivity or LAN connectivity but no Internet connectivity, and later we decide to have a internet connectivity. We subscribe for a ISP and ISP gives us a leased line connectivity and a Router.

    In this scenario, what am I suppose to do? How should I connect the ISP's router so that the whole network gets internet connectivity?

    (My apologies incase what I am asking you is quite silly)

  5. #4
    Gold Lounger
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    3,375
    Thanks
    7
    Thanked 205 Times in 195 Posts
    As you already have a domain you can use the existing DNS to send all non-domain traffic via the router.
    You need the router plugged into the switch so all machines can access it. Is this your current set up?
    I assume you have a DHCP server on your Windows server?
    Configure DNS forwarding on the AD DNS server for all non-domain requests. Use the 2 ISP DNS servers as the forwarded addresses.
    Now any request for an external IP will resolve and the router will NAT the traffic and send it over the internet.
    Note: the default gateway set on the DHCP server will need to be the local IP address of the router.

    cheers, Paul
    Last edited by Paul T; 2014-02-10 at 05:04.

  6. #5
    New Lounger
    Join Date
    Feb 2014
    Posts
    7
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Got it now!

    I've installed DNS, but i havent configured the forward lookup zones and reverse lookup zones.

    will configure forward look up zones with the DNS address' that is given by the ISP as per your suggestion!

    The ISP has offered us a wan ip and pool of IP's with the term USABLE RANGE like 115.115.232.XX to 115.115.232.XX. Can you please elaborate what these two terms mean?

    are they connected to assigning static ip to the client machine?

  7. #6
    Gold Lounger
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    3,375
    Thanks
    7
    Thanked 205 Times in 195 Posts
    Forward lookup zones are not DNS forwarders. Be careful what you configure.

    I'm not quite sure what your ISP means by "wan ip", but the "usable range" provides public IP addresses (on the internet) for you to use for things like your mail server or public web site. They have nothing to do with static IP addresses on your client machines - you should never use static IP addresses on your client machines, that is what the DHCP server is for.

    Do you currently have a public facing mail server or is it only internal?
    Do you have a public domain name?
    Is your internal AD name the same as your (intended) public domain name (this is bad, m'kay).

    cheers, Paul

  8. #7
    New Lounger
    Join Date
    Feb 2014
    Posts
    7
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I dont know what the term public domain means? Can you explain me what it is all about?

  9. #8
    Gold Lounger
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    3,375
    Thanks
    7
    Thanked 205 Times in 195 Posts
    Public domain is the name you use on the internet, e.g. windowssecrets.com.
    You AD name may be based on that, e.g. ad.windowssecrets.com, and it is not available on the internet.

    cheers, Paul

  10. #9
    New Lounger
    Join Date
    Feb 2014
    Posts
    7
    Thanks
    0
    Thanked 0 Times in 0 Posts
    okay.. got it..

    Nope. we dont have a public domain name. we just have a local domain.

  11. #10
    Gold Lounger
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    3,375
    Thanks
    7
    Thanked 205 Times in 195 Posts
    Post 4 above has all the settings you need.

    cheers, Paul

  12. #11
    New Lounger
    Join Date
    Feb 2014
    Posts
    7
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Dear Paul,

    with reference to the post no.5, this what the ISP sent us

    We provide the below default IP block –

    • /29 LAN – 6 usable static IPs.
    • /30 WAN - 1 usable IP
    . Site readiness to install the link.
    • Link to be terminated on Firewall / Router.

    can you explain how are these configurations made? what is the concept behind this?

  13. #12
    Gold Lounger
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    3,375
    Thanks
    7
    Thanked 205 Times in 195 Posts
    WAN is usually a VPN provided by your ISP to allow you to network multiple sites. This IP address is not accessible from the internet.
    LAN would be internet connected IP addresses which you would use for email, web, VPN endpoints etc.
    All you need to do is connect the link to your firewall / router and set up the NAT entries etc.

    cheers, Paul

  14. #13
    New Lounger
    Join Date
    Feb 2014
    Posts
    7
    Thanks
    0
    Thanked 0 Times in 0 Posts
    can you eloborate this with a simple real time example? Real time example will be easier for me to grasp the logic.

    TIA,

    Prasanna.R

  15. #14
    Gold Lounger
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    3,375
    Thanks
    7
    Thanked 205 Times in 195 Posts
    Without doing pictures it's not easy.
    WAN definition.

    If you need a more detailed answer please ask a detailed question.

    cheers, Paul

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •