Networking questions for a rookie
-
Wednesday, April 11, 2012 2:56 PM
I'm in the process of helping a friend set up a network for his small business office. We hope to get a firewall (which I believe will also replace the existing router) and get all the client workstations joined to a domain.
See below for a quick layout of what I'm trying to hook up.
I will be installing a new Windows 2008 R2 Server, a SonicWall TZ 100 Firewall (with the wireless option), a Dell PowerConnect 24 port switch (which can be managed or unmanaged), and networking a total of 11 workstations.
Here is what I understand, and would love it if someone would be willing to take the time to give me their thoughts.
- SonicWall TZ 100 - I am making a few assumptions. First off, I assume that I will be replacing the current "4 port router" provided by his ISP with this device, correct? It appears that I plug in the SonicWall directly from the DSL modem to the WAN port of the SonicWall TZ 100. I then enter the static IP address information (provided by my ISP) to the "WAN" portion of the SonicWall. This is where I start to get confused. The SonicWall, out of the box, comes with DHCP enabled. This leads me to questions on my Windows 2008 R2 server DHCP setup. Since I plan to set up the IP scope on the server, what do I enter for the "Gateway" address? Out of the box the SonicWall comes with a DHCP IP range of 192.168.168.1 - 192.168.168.167. Do I need to turn off DHCP services on this device? As I understand, on my DHCP server I need to point my DHCP scope's gateway setting (DHCP option 3) to the IP of my router, and this should be the "private IP/interface on my network" (correct?). I can't seem to figure out what the "private IP address" of the router is. I can remote into the web interface of the SonicWall router using a default IP of 192.168.168.168; is that the private IP that I should enter as the gateway on my server? Or is that one of the IPs that it hands out via DHCP (which means I should disable DHCP or create a static... maybe?!?)
Let's start with that and I'm sure I'll have more questions. Thank you so much for taking the time to help me out.
- Moved by Tiger Li (Moderator) Thursday, April 12, 2012 4:49 AM (From: General)
All Replies
-
Wednesday, April 11, 2012 4:13 PM
First off, a DHCP server cannot get a DHCP address from itself (at least I've never seen that work). The DHCP range you cited does not include 192.168.168.168 (DHCP 1-167), so the 192.168.168.168 address would be the static LAN address for that SonicWall. (BTW, the default LAN interface for TZ100 is 192.168.168.168)
If you are going to have a Windows AD Domain, I would use the DNS and DHCP service on the domain, turn it off on all other devices and let Windows handle all of those tasks; this is especially true if you are going to let DHCP auto-register DNS entries for your workstations.
Your gateway address on your DHCP scope will be the next hop router, which, in your scenario, will be the LAN interface of your SonicWall. So, in your DHCP scope, you will want to set your DNS server to point to the IP address of your internal DNS, and the gateway would be 192.168.168.168.
In the configuration of the TZ100, you can view/set the LAN IP address from Network->Interfaces and select the interface you want.
- Marked As Answer by Tiger Li (Moderator) Monday, April 16, 2012 9:41 AM
-
Wednesday, April 11, 2012 4:56 PM
Here is some additional information that may help you work out the details of your design (example design shown below):
http://www.itgeared.com/articles/1042-designing-active-directory-for-soho/
Guides and tutorials, visit ITGeared.com.
- Marked As Answer by Tiger Li (Moderator) Monday, April 16, 2012 9:41 AM
-
Wednesday, April 11, 2012 5:26 PM
Hello,
the physical view is fine.
I suggest disabling the router's DHCP server and using the Windows DHCP Server, which can be fully integrated with DNS and also provides more options than the router. http://technet.microsoft.com/en-us/library/cc771732.aspx
Configure the scope on the DHCP server with the private network 192.168.1.0/24 (subnet mask 255.255.255.0), starting with 192.168.1.20 as the first lease address and stopping with 192.168.1.70, so you have 50 DHCP leases available, which should be sufficient even if a guest may access the LAN in the future.
Use the first 20 addresses for fixed IP addresses on servers, switches and routers (LAN port), so you also have some spare at this level. And if the scope becomes too small, you can still expand it up to 192.168.1.250, keeping the last 4 in spare.
DHCP server configuration http://technet.microsoft.com/en-us/library/cc732584.aspx and you can ignore the IPv6 part, just use the default options.
Best regards
Meinolf Weber
MVP, MCP, MCTS
Microsoft MVP - Directory Services
My Blog: http://msmvps.com/blogs/mweber/
Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.
- Edited by Meinolf Weber (MVP) Wednesday, April 11, 2012 5:27 PM
- Marked As Answer by Tiger Li (Moderator) Monday, April 16, 2012 9:41 AM
-
Wednesday, April 11, 2012 5:38 PM
Thank you very much for the reply! As noted above, the default IP of the TZ 100 is 192.168.168.168. Do I need to change that to something in the IP scope I'll be setting up on the server, or does that matter?
-
Wednesday, April 11, 2012 5:46 PM
Hello,
you can use whatever IP on the router; there is no problem changing the default on the router to 192.168.1.1, for example. Just make sure to stay in one subnet with all IPs.
Best regards
Meinolf Weber
MVP, MCP, MCTS
Microsoft MVP - Directory Services
My Blog: http://msmvps.com/blogs/mweber/
Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.
- Marked As Answer by Tiger Li (Moderator) Monday, April 16, 2012 9:41 AM
-
Wednesday, April 11, 2012 5:49 PM
You want a static IP on the TZ100, but you never want a static IP to fall into a DHCP scope; there is a possibility that a device will grab that address from the DHCP server, and then you will have an IP address conflict. When you create a DHCP scope, you always want to leave some addresses in the subnet out of the scope for static assignments like servers, routers, switches, etc.
- Marked As Answer by Tiger Li (Moderator) Monday, April 16, 2012 9:41 AM
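Added example, not written by any poster in this thread: the checks the replies above describe (gateway on the clients' subnet, fixed addresses kept out of the lease range, only one DHCP server on the LAN) written as a small Python validator. The function name, the device names and the .2, .10 and .25 addresses are assumptions made for illustration.

```python
import ipaddress

def check_dhcp_plan(subnet, lease_start, lease_end, gateway, statics, dhcp_servers):
    """Return a list of problems in a small-office DHCP plan (empty list = OK)."""
    net = ipaddress.ip_network(subnet)
    first, last = ipaddress.ip_address(lease_start), ipaddress.ip_address(lease_end)
    gw = ipaddress.ip_address(gateway)
    problems = []
    if first > last:
        problems.append("lease range start is after its end")
    for label, addr in (("lease start", first), ("lease end", last)):
        if addr not in net or addr in (net.network_address, net.broadcast_address):
            problems.append(f"{label} {addr} is not a usable host address in {net}")
    # DHCP option 3 (router) must be on the clients' own subnet.
    if gw not in net:
        problems.append(f"gateway {gw} is outside {net}")
    seen = {}
    for name, text in statics.items():
        addr = ipaddress.ip_address(text)
        if addr not in net:
            problems.append(f"static {name} {addr} is outside {net}")
        elif first <= addr <= last:
            problems.append(f"static {name} {addr} is inside the lease range")
        if addr in seen:
            problems.append(f"static {name} duplicates {seen[addr]} at {addr}")
        seen.setdefault(addr, name)
    # Only one device should answer DHCP requests on the LAN.
    if len(dhcp_servers) != 1:
        problems.append(f"{len(dhcp_servers)} DHCP servers enabled: {sorted(dhcp_servers)}")
    return problems

# Constructed sample plans. The .1 router address and the .20-.70 range come
# from the replies; device names and the .2, .10, .25 addresses are made up.
GOOD_PLAN = dict(subnet="192.168.1.0/24", lease_start="192.168.1.20",
                 lease_end="192.168.1.70", gateway="192.168.1.1",
                 statics={"firewall-lan": "192.168.1.1", "switch": "192.168.1.2",
                          "server": "192.168.1.10"},
                 dhcp_servers={"server"})
# Firewall left on its factory LAN address with its own DHCP still enabled,
# plus a printer given a fixed address inside the lease range.
BAD_PLAN = dict(GOOD_PLAN, gateway="192.168.168.168",
                statics={"firewall-lan": "192.168.168.168", "server": "192.168.1.10",
                         "printer": "192.168.1.25"},
                dhcp_servers={"server", "firewall"})

if __name__ == "__main__":
    for title, plan in (("good", GOOD_PLAN), ("bad", BAD_PLAN)):
        print(title, check_dhcp_plan(**plan) or "no problems found")
```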
-
Friday, April 20, 2012 3:22 AM
Hi there, I'm fairly new to networking architecture. My next assignment is to run a network cable from a switch to a classroom so that the classroom PCs are able to access the internet.
Right now there is a 4 port wired router, a switch, a DSL modem plugged into the router and 10 workstations. Management just wants to get rid of the DSL modem in the classroom and save some money on paying an internet provider. These computers do not need to be part of the domain.
In the main server room we have 2008 R2 server, a high speed modem with another internet provider, 4 switches and a broadcom router for our VoIP phones.
There are available ports on one of the switches. Could I just run a network cable from a switch into a WAN port on the router, since all I need is to give them internet access? And then put the router on a different subnet, say 192.168.2.1, since our main is 192.168.0.1?
Thx!

