external subnet same as internal subnet

Discussion in 'Windows Small Business Server' started by Jug, Apr 9, 2008.

  1. Jug

    Jug Guest

    We have had a SBS2003 server setup for years now on the 192.168.1.x/24 subnet.
    With the increased availability of DSL, more and more people are getting DSL
    with routers configured with the same subnet. Obviously when the guys connect
    via VPN they cannot browse the server etc as the adsl routers are on the same
    subnet and dont route the requests over the VPN tunnel.
    We have dual NICS in the server and I was considering assigning a completely
    different IP address to the second NIC, setting up a matching Remote Access
    DHCP scope and modifying the Netscreen Firewall rules to alllow traffic flow.
    Will this work or is it going to cause more trouble. does anyone have a
    simpler solution?
     
    Jug, Apr 9, 2008
    #1
    1. Advertisements

  2. Simple,

    Use the IP Change wizard This Friday at the end of the day.
    Have everyone reboot and get the new IP's
    and change the Static IP's of your Printers and other servers.

    Try 192.168.16.xxx

    That's a standard SBS range.

    :)

    Russ

    --

    SBITS.Biz
    Microsoft Gold Certified Partner
    Microsoft Certified Small Business Specialist.
    MCP, MCPS, MCNPS, (MCP-SBS)
    World Wide Remote SBS2003 Support - http://www.SBITS.Biz
    Information on Small Business Server 2008 - http://www.sbs2008.com
    Information on Essentials Business Server - http://www.ebs2008.com



    -
     
    Russ \(SBITS.Biz\), Apr 9, 2008
    #2
    1. Advertisements

  3. Or use something else entirely....

    Reserved IP addresses for private networks

    10.0.0.0 - 10.255.255.255

    172.16.0.0 - 172.31.255.255

    192.168.0.0 - 192.168.255.255

    I use 172.16 ...... most of the time as it is far less likely to be used
    anywhere.
     
    Lanwench [MVP - Exchange], Apr 9, 2008
    #3
  4. UH Sorry to disagree but I wouldn't use
    192.168.0.xxx

    Because is a common router default

    :(

    Sorry Lan, and good morning.
    It's 5:14am (I've been up all night LOL)

    Russ


    --

    SBITS.Biz
    Microsoft Gold Certified Partner
    Microsoft Certified Small Business Specialist.
    MCP, MCPS, MCNPS, (MCP-SBS)
    World Wide Remote SBS2003 Support - http://www.SBITS.Biz
    Information on Small Business Server 2008 - http://www.sbs2008.com
    Information on Essentials Business Server - http://www.ebs2008.com



    -

    "Lanwench [MVP - Exchange]"
     
    Russ \(SBITS.Biz\), Apr 9, 2008
    #4
  5. Jug

    Jug Guest

    Thanks Guys,
    I know I can change all the IP addreses, but the problem is we have two
    sites in different countries running off this SBS server linked by a VPN
    through netscreen firewalls. It can be done as you say but would the other
    method of using a 2nd IP address work?

     
    Jug, Apr 9, 2008
    #5
  6. Jug

    Joe Guest

    You can use a second NIC for what you like, but you will be fighting the
    SBS wizards. As far as they are concerned, with two NICs, one is inside
    the LAN and one is very definitely outside, and the firewall is
    configured appropriately. You can override the wizards, but they will
    bite you when you least expect it. SBS is *not* Windows Server, it's a
    custom OS based on it.

    But it wouldn't work anyway. Routing has to work at both ends, and if
    the SBS can see two different routes to what is apparently the same
    subnet, it will pick the cheaper, or if of equal cost, the higher in the
    routing table. It will never send anything by the other route, unless
    the first become unreachable. The point about the subnets being
    different is that no interface on any of the machines involved can have
    an address in the same subnet as any of the remote subnets to be
    reached, and therefore are present in that machine's routing table.

    There really isn't any substitute for different network addresses
    everywhere.
     
    Joe, Apr 9, 2008
    #6
  7. LW was not suggesting to use 192.168.0.x, she simply outlined the full
    range of defined private IP addresses (well, almost, she didn't mention
    the APIPA range of 169.254.x.x)

    Her suggestion was one of the 172.16-31.x.x blocks.
     
    Steve Foster [SBS MVP], Apr 10, 2008
    #7
  8. That's ok, when you change the subnet, you'll update all the netscreens.
    No.

    You need to change either the corporate subnets, or all the remote users
    subnets. You choose.
     
    Steve Foster [SBS MVP], Apr 10, 2008
    #8
  9. Jug

    Jug Guest

    Thanks Guys for all your advice. I will now have to do a thorough check of
    our IP addressing in both countries as I don't want to be cut off half way
    through the change. I really appreciate you taking the time to answer my
    question.
     
    Jug, Apr 14, 2008
    #9
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.