Koozali.org: home of the SME Server

Connect SME Server and then internally I can't surf

Offline steve288

« on: July 08, 2014, 05:51:18 PM »
Over the last month or so, on and off, I have been trying to get an SME 8 up and running. My primary purpose actually was to install a few contribs and then update some of the wikis which don't have updated info on them.

However, when I set up the Server/gateway and then plug the external NIC into the outside world it brings our network down (which is connected through other computers). I have re-installed twice and the same thing happens. Presumably there is a conflict of IPs.

We own several IPs, say x.x.x.89-94.

Here is how the IP's are used.
One is the gateway provided by the service provider, .89
One is a WatchGuard Firebox, .90
One is the production SME server used for mail, .91

I have set up the test SME as 92 and 93.
So far as I know nothing is using these IPs. They do not ping back.

But when I plug the SME server/gateway into the router that is our external router, a few moments later, say 5-10 seconds, we cannot surf the internet in the organization or ping an outside address. I have tested this many times and it is definitely the SME that causes the internet to go down. This occurs with the IPs 92-93. It does not seem to happen with .94.
This makes me think that 92 and 93 are being used elsewhere, but oddly when I take an XP computer and then give it the 92 or 93 IP and put it on the internet it works fine and I can surf the web and the internet is not brought down.

Just to add more mystery to it, when I use our last IP address .94 in the SME server it does not bring the network down.
I'm really baffled by what is causing it.
I have configured it, Server/Gateway

Inside 192.168.4.1 (This is not connected to anything except a workstation)
subnet mask 255.255.255.0
Outside x.x.x.92 or 93
subnet mask 255.255.255.0
DHCP

Can anyone provide any advice?

Offline ReetP

Re: Connect SME Server and then internally I can't surf
« Reply #1 on: July 09, 2014, 02:12:48 AM »
Without professing to be anything of an expert, and in the absence of the other gurus round here I'll step in. Now you are in trouble ;-)

It probably ISN'T a SME problem per se but a network misconfiguration in which your SME box is lending a helping hand :-)

Technically at this juncture you should probably open a bug to help you out.

However, a bit more information might get you a bit more help.

What are the settings for each of the other devices ?

How does your SME box that you are trying to configure connect to the outside world ? Via your gateway router, and if so, how is it configured ? Which boxes are static/DHCP etc etc. ?

Have you tried plugging in JUST this SME box to the outside world and then connecting one workstation to it to see if it works ?

Do you need a subnet mask of 255.255.255.0 on your outside IP ? What does your ISP recommend - shouldn't it be more like 255.255.255.255 ?

Supply a bit more data and we might see the wood from the trees.

B. Rgds
John
...
1. Read the Manual
2. Read the Wiki
3. Don't ask for support on Unsupported versions of software
4. I have a job, wife, and kids and do this in my spare time. If you want something fixed, please help.

Bugs are easier than you think: http://wiki.contribs.org/Bugzilla_Help

If you love SME and don't want to lose it, join in: http://wiki.contribs.org/Koozali_Foundation

Offline johnp

Re: Connect SME Server and then internally I can't surf
« Reply #2 on: July 09, 2014, 02:21:07 AM »
I'd check the watchdog for an IP conflict.

Offline steve288

Re: Connect SME Server and then internally I can't surf
« Reply #3 on: July 10, 2014, 02:42:09 PM »
I think you're right. SME is just possibly showing up a problem that is not SME's fault.

As I mentioned, we have 6 IPs; the other devices using the IPs are the gateway, the Firebox (commercial firewall product) and a mail server that is another SME server.
In fact the old SME server works fine, running version 7 of SME server. It has been up for months.

I tried narrowing the scope down to 288.288.288.128 on the sme 8 server but still had the problem.

When I plug the sme8 into the outside world (I will call dmz) it pings the outside world and sometimes doesn't hang the network immediately, say a minute or two, but mostly it does. I can connect a workstation to the SME server and before it hangs I can surf the net fine. I'm not sure how the ADSL router that gives us the 6 IPs into our DMZ router is configured, because this is set by the phone company.
I'm wondering if the SME server when it is plugged in is just using too much bandwidth and hangs the network because of this. As I mentioned in the last email, when I put a laptop into the DMZ and set it up with an external IP I don't get a hang and I can surf the net.
The phone company tells me that the uploads are maxing out many times a day; this is without the SME connected. I wonder if the SME just causes too much activity and it's just sucking the bandwidth from the connection. I didn't know it would hang. I noticed one time that the TXD and RXD lights on the ADSL modem from the phone company just both stayed on when I was in one of these hung states. Not sure what that means. Normally the lights flash quickly.

Someone has mentioned watchdog; I did some googling on it. I don't know anything about it. What, if any, commands are helpful with watchdog, or what should I look for with this software? Again, I don't know anything about it.

Also it seems that many of the visual tools that I thought used to come with SME are not there now, like ntop and some other networking realtime monitoring tools. Can anyone suggest some out of the box tools? I know some go out of favor for others and are replaced. I tried doing an apropos net but can't really see anything there or know which ones to research on.
Thanks.


Offline ReetP

Re: Connect SME Server and then internally I can't surf
« Reply #4 on: July 10, 2014, 03:54:43 PM »
OK, a couple of points.

I think you have several problems all compounding one another and you need to break them down and iron them out one at a time.

It almost certainly is nothing to do with either of your SME boxes. They won't just 'suck bandwidth' unless you either tell them to, or they are hacked.

If your internet is maxed out with uploads I suggest you get to the bottom of that problem first. What speed have you got from the ISP? Have you checked for viruses etc on your network ? Do you send a lot of bulk mail ? Are some of your users running torrents or other file sharing ? Dropbox ?

Your SME 7 is obsolete/unsupported and really needs upgrading. It isn't a difficult job. Read the wiki & bugs for how to do it. You should be on v8 as a minimum. If it is doing just email has it been hacked, and is it sending huge amounts of spam ?

You really ought to get to grips with your main router - it may be set up by your ISP, but you need to know what goes on in there, particularly with your setup - you are not a single IP job :-) You should have a list of settings from them at the very least - IP addresses, subnet masks, gateways etc.

I don't think this is quite right :

Quote
I tried narrowing the scope down to 288.288.288.128 on the sme 8 server but still had the problem.

I would imagine it should be set up with something like

External Interface
IP = x.x.x.92
Gateway IP x.x.x.89
Subnet mask : 255.255.255.248


Internal Interface - your choice e.g.

IP = 192.168.4.1
DHCP

What other machines have you got running on your network - a bit of a sketch/map may help. What supplies DHCP to the network, and do you have any other servers ?

B. Rgds
John
...
1. Read the Manual
2. Read the Wiki
3. Don't ask for support on Unsupported versions of software
4. I have a job, wife, and kids and do this in my spare time. If you want something fixed, please help.

Bugs are easier than you think: http://wiki.contribs.org/Bugzilla_Help

If you love SME and don't want to lose it, join in: http://wiki.contribs.org/Koozali_Foundation
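
Added example, not part of the original posts: a check of the external interface settings discussed above against the 6-address block (usable .89-.94, gateway .89, mask 255.255.255.248). The prefix 203.0.113 is a documentation range standing in for the poster's x.x.x, and the function names are illustrative.

```python
import ipaddress

def covering_subnet(first, last):
    """Smallest subnet in which both addresses are usable hosts."""
    a, b = ipaddress.ip_address(first), ipaddress.ip_address(last)
    for prefix in range(32, -1, -1):
        net = ipaddress.ip_network(f"{a}/{prefix}", strict=False)
        if b in net and a != net.network_address and b != net.broadcast_address:
            return net
    raise ValueError("no covering subnet")

def audit_external(ip, mask, gateway, block, in_use):
    """Return a list of problems with one external interface configuration."""
    findings = []
    iface = ipaddress.ip_interface(f"{ip}/{mask}")
    hosts = set(block.hosts())
    if iface.network != block:
        msg = f"mask {mask} gives {iface.network}, block is {block} ({block.netmask})"
        if block.subnet_of(iface.network):
            # Too-wide mask: addresses outside the block are treated as on-link,
            # so the host ARPs for them instead of routing via the gateway.
            extra = iface.network.num_addresses - block.num_addresses
            msg += f"; {extra} outside addresses treated as local"
        findings.append(msg)
    if iface.ip not in hosts:
        findings.append(f"{iface.ip} is not a usable host in {block}")
    if ipaddress.ip_address(gateway) not in hosts:
        findings.append(f"gateway {gateway} is not reachable inside {block}")
    owner = in_use.get(str(iface.ip))
    if owner:
        findings.append(f"{iface.ip} already assigned to {owner}")
    return findings

# Constructed inventory, following the address usage described in the thread.
BLOCK = covering_subnet("203.0.113.89", "203.0.113.94")
IN_USE = {
    "203.0.113.89": "ISP gateway",
    "203.0.113.90": "WatchGuard Firebox",
    "203.0.113.91": "production SME server (mail)",
}

if __name__ == "__main__":
    print("block:", BLOCK, "mask:", BLOCK.netmask)
    for mask in ("255.255.255.0", "255.255.255.248"):
        print(mask, "->", audit_external("203.0.113.92", mask, "203.0.113.89", BLOCK, IN_USE) or "ok")
```
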

Offline steve288

Re: Connect SME Server and then internally I can't surf
« Reply #5 on: July 11, 2014, 03:31:00 PM »
Trying to figure out why we are maxed out is one of the things I'm trying to sort out along with the testing of sme.

Part of my testing is to get this sme up and swap it out for the version 7. I find it's never as easy as I think it is, well, perhaps until it's done.
There are several unique configurations regarding the old sme that I must have on the new, for example forwarding mail to an exchange server, allowing outlook web access through the sme, which is a bit of a trick, and so on.

I'm reasonably confident I have no hacking on the sme 7. We would have been flagged I think by spam filters by now.

I have gone to the old sme 7 and reconfigured the NIC to 255.255.255.248 and rebooted.
It was set for 0. I guess narrowing this can't hurt. The SME8 is the same, 248.

The other servers on the dmz are the sme that passes mail to the inside exchange and the firebox, which is a store bought firewall, and of course the gateway adsl from the phone company.
Inside, well we have Domain controller, printserver, Exchange, sql server, acpac server, backup server.
DHCP is provided by the Domain controller.

I will say this, that the sme server, I have found, for us benefits from a reboot periodically, say once every month or two.

World
||||
ADSL
||
DMZ => Firebox FW|| Inside Net.|| -> PDC (DHCP), printserver, Exchange, Sql Serv, Acpac Serv, Backups Serv. Users of
||
DMZ => SME7 Server


Anyway unless anyone has any parting shots or revelations, I'm not going to consume any more of your much appreciated time. I must continue my investigation rather than thrashing about. If I have any specific questions or answers I will bring it back.
Thanks.

« Last Edit: July 11, 2014, 03:42:59 PM by steve288 »