Koozali.org: home of the SME Server

SME alongside Server 2003

cydonia

SME alongside Server 2003
« on: July 02, 2004, 09:56:20 AM »
Hi,

I want to install SME Server onto an existing network.

At the moment, the domain controller, dhcp server and file server is a server 2003 machine.

I would suggest just replacing this with SME, but, the server 2003 machine is also used as an application server for some accounting software.


What we are trying to do here is setup an IPSec VPN between a few offices.  It will make things much easier if SME is the public server, as opposed to being behind Server 2003.  

Any tips for installing SME alongside/infront of Server 2003?  Anything to look out for?


Thanks

Offline raem

  • *
  • 3,972
  • +4/-0
SME alongside Server 2003
« Reply #1 on: July 02, 2004, 11:07:43 AM »
...

Offline dmac

  • ****
  • 143
  • +0/-0
    • http://www.rylar.ca
SME alongside Server 2003
« Reply #2 on: July 03, 2004, 06:30:11 AM »
I have the following config,

Internet <---> SME Gateway/server <----> W2003 Enterprise Server

This works great as the SME Server is the gateway and web/mail server.  When you install the SME Server, make sure that you do not start the DHCP if the Current W2003 Server is your primary DHCP Server.  Remember to change the IP configuration of your W2003 server to point to the SME server as the gateway.  Since you are using Active Directory, your DNS is probably tied into the Windows Box, but so far, I have had no issues with the W2003 server correctly forwarding requests outside through the SME server.  

 8-)
"In a world without Fences, why do we need Gates and Windows"

cydonia

SME alongside Server 2003
« Reply #3 on: July 03, 2004, 08:18:49 AM »
Thanks dmac, that is probably how i will have to set it up too...

mbachmann

SME alongside Server 2003
« Reply #4 on: July 05, 2004, 09:38:36 AM »
Config mentioned above, SME gateway, mailserver in front of 2003 and NT 4.0 (WINS) up and running here. Troubles: 2003 dns resolving and active directory. You cannot have Active dir without DNS on 2003. DNS must point to itself, gateway should be the SME machine. DHCP off, too much trouble.

cydonia

SME alongside Server 2003
« Reply #5 on: July 05, 2004, 01:36:04 PM »
So, installing it like this wont affect the local network browsable files in any way?

Thanks.

mbachmann

SME alongside Server 2003
« Reply #6 on: July 05, 2004, 02:51:12 PM »
It should not but it could be, frankly i don't know for sure.

Offline dmac

  • ****
  • 143
  • +0/-0
    • http://www.rylar.ca
SME alongside Server 2003
« Reply #7 on: July 05, 2004, 08:50:17 PM »
cydonia,

With your Windows 2003 DNS server, make sure that you point the Gateway IP address to the SME Server.  As long as you have the correct Root Hints within the Windows 2003 DNS Server any request that the Windows 2003 server cannot resolve will be passed through the SME Server to the Web.  You will also probably have to add a 'A' and 'PTR' record in your Windows DNS to point to the SME Server, and any 'CNAME' records as well (eg. www, ftp, etc).  Also as mbachmann stated, make sure that your Windows DNS Server box points back to itself for the primary DNS Server.  Also, your networked PC's will need the primary DNS Server as the Windows box or you may run into some problems with Domain Authentication and Kerebos (if you are using).

This configuration has been successful for me for the past year, with the exception of a failure with the internet facing NIC card about a month ago.

Regards,

Darin MacLachlan
"In a world without Fences, why do we need Gates and Windows"

Offline dilligaf

  • *
  • 266
  • +0/-0
    • http://www.willcraft.com
SME alongside Server 2003
« Reply #8 on: August 06, 2004, 10:06:50 PM »
I have all of the setting as per dmac post. but my 2003 server will not surf the net.
I have an SME 6.x server ahead of it.
All of the other pc's can surf the net.
From the 2003 server, when I run the MS dcdiag test all is cool (no errors)
I can ping everyway, reslove etc, but can not surf the net.
Any additoinal tips?

Offline MSmith

  • *
  • 675
  • +0/-0
As much as I like SME, for IPSec I'm now a fan of ...
« Reply #9 on: August 07, 2004, 12:12:08 PM »
... Snapgear SME550.  This little beauty does IPSec and PPTP right out of the box and really is a breeze to set up.  Yes, it's $500 U.S. per, but if you're doing a "few offices" I think you'll find the wear and tear on yourself much less if you use several of these devices.
...

mbachmann

SME alongside Server 2003
« Reply #10 on: August 09, 2004, 11:16:52 AM »
Quote from: "dilligaf"
I have all of the setting as per dmac post. but my 2003 server will not surf the net.
Any additoinal tips?


No specific tip. If 2003 can ping, all is o.k. The default security settings in the IE are very tight. Just try another browser for testing purposes?