|
it
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Server with NICs in different VLANs: SeparationOne question for the geniuses: I'm not sure if it's possible to do this with windows. Could you please give me a hint? There is a server (shared folders, proxy etc.) with a connection to the WAN. This server shall be connected to the LAN via two VLANs, either tagged (one NIC/cable) or untagged (two NICs/cables). Devices in one VLAN should not be able to see devices in the other VLAN. But however from both VLANs access to the server shall be possible and also via the server out to the WAN. The server could be Windows SBS or a Linux. I have yet found out that Windows does not natively support tagged VLANs, apparently this has to be implemented in the NIC device drivers. But ok, doesn't matter, I can choose the NICs accordingly. But what I don't know yet is if I can keep the VLANs clearly seperated even though common acces to the server and WAN. Can you perhaps help me here? Is it possible to do this with a Win SBS? cheers, Jan Although it ia a crappy idea, without a Router between them (the server is
not a router),...then yes,... they are separated. But then you have to deal with all these possble issues... 159168 - Multiple Default Gateways Can Cause Connectivity Problems http://support.microsoft.com/kb/159168/EN-US/ Name resolution and connectivity issues on a Routing and Remote Access Server that also runs DNS or WINS http://support.microsoft.com/kb/292822/en-us 272294 - Active Directory Communication Fails on Multihomed Domain Controllers http://support.microsoft.com/default.aspx?scid=kb;en-us;272294 191611 - Symptoms of Multihomed Browsers http://support.microsoft.com/default.aspx?scid=kb;EN-US;191611 Microsoft Windows XP - Multihoming Considerations http://www.microsoft.com/resources/documentation/windows/xp/all/reskit/en-us/prcc_tcp_qpzj.asp? 157025 - Default Gateway Configuration for Multihomed Computers http://support.microsoft.com/default.aspx?scid=kb;en-us;157025&Product=win2000 -- Show quoteHide quotePhillip Windell The views expressed, are my own and not those of my employer, or Microsoft, or anyone else associated with me, including my cats. ----------------------------------------------------- "Jan Lausch" <s***@gmx.de> wrote in message news:Xns9C4064FE326Csjkajl@130.133.1.18... > Hi, > > One question for the geniuses: I'm not sure if it's possible to do this > with windows. Could you please give me a hint? > > There is a server (shared folders, proxy etc.) with a connection to the > WAN. > This server shall be connected to the LAN via two VLANs, either tagged > (one NIC/cable) or untagged (two NICs/cables). > Devices in one VLAN should not be able to see devices in the other VLAN. > But however from both VLANs access to the server shall be possible and > also via the server out to the WAN. > > The server could be Windows SBS or a Linux. > > I have yet found out that Windows does not natively support tagged VLANs, > apparently this has to be implemented in the NIC device drivers. But ok, > doesn't matter, I can choose the NICs accordingly. > > But what I don't know yet is if I can keep the VLANs clearly seperated > even though common acces to the server and WAN. > > Can you perhaps help me here? Is it possible to do this with a Win SBS? > > cheers, > Jan Hi,
Thanks, Phillip, for your extensive help. I see the point you're making, thanks for all the pointing to problems. In fact, I will think about having a seperate router but for various reasons it's likely that that's not going to be possible. But thanks for now. Jan "Jan Lausch" <s***@gmx.de> wrote in message At least, forget about using SBS server. SBS is a special case and news:Xns9C417A003981Csjkajl@130.133.1.18... > Hi, > > Thanks, Phillip, for your extensive help. > > I see the point you're making, thanks for all the pointing to problems. > In fact, I will think about having a seperate router but for various > reasons it's likely that that's not going to be possible. > > But thanks for now. > > Jan designed to run as the first/only DC in a domain. It is most unsuitable to run as a standalone router! "Jan Lausch" <s***@gmx.de> wrote in message If you watch out for the things outlined in those articals you can "get by".news:Xns9C417A003981Csjkajl@130.133.1.18... > I see the point you're making, thanks for all the pointing to problems. > In fact, I will think about having a seperate router but for various > reasons it's likely that that's not going to be possible. If this SBS happens to be the Premium Edition you can use ISA on it as a "router". ISA is designed as a Firewall but it is also able to serve as a LAN Router as long as you don't want to get deep into Dynamic Routing Protocols,...basically you'd just have Static Routing. However if it is not the Premium Edition then you can't use ISA with it. Why? Because of the SBS licensing and because it only works with ISA2000 (pre SP1) and ISA2004 (post SP1), and it must be installed from the ISA installation on the SBS Premium Install Disks,..not from a standalone ISA install disk,...by using the SBS installation Wizard. ISA2006 won't work at all,...not compatible. -- Phillip Windell The views expressed, are my own and not those of my employer, or Microsoft, or anyone else associated with me, including my cats. -----------------------------------------------------  
Other interesting topics
|
|||||||||||||||||||||||
