- Posts: 2
- Thank you received: 0
Network hardware config for Windows SBS 2003
18 years 3 months ago #15301
by helmcj
Network hardware config for Windows SBS 2003 was created by helmcj
Windows SBS (Small Business Server) 2003 Premium includes Windows Server 2003 and Windows ISA Sever.
Windows ISA Server appears to provide firewall and VPN capabilities.
Several routers also advertise that they provide firewall and VPN capabilities.
Many "routers" for small business are actually a router+switch(hub?)+wireless access point (80211b/g).
I am trying to understand the advantages / disadvantages / limitations / possibilities of different configurations.
The server running Windows SBS 2003 can reside:
(a) "between" the modem and a switch
(b) "between" a router connected to the modem and a switch
(c) "behind" and "off of" a router+switch(hub?)+wireless access point.
Options (a) and (b) require that the server have dual Ethernet ports while option (c) requires only a single Ethernet port.
It is unclear to me if Windows ISA firewall / VPN capabilities will work in conjunction with those of a router or whether this will just create problems.
It is also unclear to me if a wireless access point that is part of a combined router+switch(hub?)+wireless access point device is actually "ahead" of the switch(hub?) or really no different from a separate wireless access point that is hung off of a switch that is behind a router.
Yes, I know that this is a complicated question.
If someone could recommend a good reference book or URL with the necessary information I would appreciate it.
I have tried various searches using Google and also searches on vendor websites like Linksys, Cisco and Netgear without success.
Any help would be appreciated.
Windows ISA Server appears to provide firewall and VPN capabilities.
Several routers also advertise that they provide firewall and VPN capabilities.
Many "routers" for small business are actually a router+switch(hub?)+wireless access point (80211b/g).
I am trying to understand the advantages / disadvantages / limitations / possibilities of different configurations.
The server running Windows SBS 2003 can reside:
(a) "between" the modem and a switch
(b) "between" a router connected to the modem and a switch
(c) "behind" and "off of" a router+switch(hub?)+wireless access point.
Options (a) and (b) require that the server have dual Ethernet ports while option (c) requires only a single Ethernet port.
It is unclear to me if Windows ISA firewall / VPN capabilities will work in conjunction with those of a router or whether this will just create problems.
It is also unclear to me if a wireless access point that is part of a combined router+switch(hub?)+wireless access point device is actually "ahead" of the switch(hub?) or really no different from a separate wireless access point that is hung off of a switch that is behind a router.
Yes, I know that this is a complicated question.
If someone could recommend a good reference book or URL with the necessary information I would appreciate it.
I have tried various searches using Google and also searches on vendor websites like Linksys, Cisco and Netgear without success.
Any help would be appreciated.
18 years 3 months ago #15306
by Bublitz
The Bublitz
Systems Admin
Hospice of the Red River Valley
Replied by Bublitz on topic Re: Network hardware config for Windows SBS 2003
Try these guys.
www.isaserver.org/
This site is totally dedicated to ISA server.
Ive used ISA/VPN server option (c). Ive used it behind a Sonicwall tz-170 and a Cisco Pix 506e firewall.
I've used it so some clients can remote vpn into their network at home. The cisco and the soicwall both have VPN clients that can do this, but the windows way is free and as long as the clients have windows xp no additional software is needed. So a win win really less cost less setup.
www.sans.org/resources/malwarefaq/pptp-vpn.php
Check the PPTP section it has some good info. As long as the the firewall will pass though GRE protocal (47) that PPTP uses you can use option (c) with that firewall.
I've never used ISA server as a true firewall so I won't be much help there.
www.isaserver.org/
This site is totally dedicated to ISA server.
Ive used ISA/VPN server option (c). Ive used it behind a Sonicwall tz-170 and a Cisco Pix 506e firewall.
I've used it so some clients can remote vpn into their network at home. The cisco and the soicwall both have VPN clients that can do this, but the windows way is free and as long as the clients have windows xp no additional software is needed. So a win win really less cost less setup.
www.sans.org/resources/malwarefaq/pptp-vpn.php
Check the PPTP section it has some good info. As long as the the firewall will pass though GRE protocal (47) that PPTP uses you can use option (c) with that firewall.
I've never used ISA server as a true firewall so I won't be much help there.
The Bublitz
Systems Admin
Hospice of the Red River Valley
18 years 2 months ago #15315
by helmcj
Replied by helmcj on topic Re: Network hardware config for Windows SBS 2003
Thanks for the reply.
It sounds like I should use the following hardware configuration ...
ISP => Router => Server running Windows SBS / ISA => Switch => Network (e.g. Client) PCs
Is this correct?
What about a wireless access point?
Most of the "small office" solutions are all-in-one products that combine Router + Hub/Switch + Wireless Access Point.
Perhaps there is no physical difference between separate components and the all in one devices?
In other words ... within the all-in-one device the hub/switch is "behind" the router and the wireless access point is simply a (hardwired) "node" on the hub/switch.
Is this correct?
I wish I could draw a diagram as it would be easier to illustrate.
It sounds like I should use the following hardware configuration ...
ISP => Router => Server running Windows SBS / ISA => Switch => Network (e.g. Client) PCs
Is this correct?
What about a wireless access point?
Most of the "small office" solutions are all-in-one products that combine Router + Hub/Switch + Wireless Access Point.
Perhaps there is no physical difference between separate components and the all in one devices?
In other words ... within the all-in-one device the hub/switch is "behind" the router and the wireless access point is simply a (hardwired) "node" on the hub/switch.
Is this correct?
I wish I could draw a diagram as it would be easier to illustrate.
Time to create page: 0.126 seconds