Koozali.org: home of the SME Server

Legacy Forums => General Discussion (Legacy) => Topic started by: Dub Dublin on April 12, 2002, 06:34:27 PM

Title: How to config External-ONLY SME server?
Post by: Dub Dublin on April 12, 2002, 06:34:27 PM

I need an SME server to host a domain remotely at a co-lo site.  This throws a few kinks into the usual SME config:

 -  The SME server will have only one network interface. (And it may have to be USB - not sure if that'll work, though...)

 -  I'm not sure the "Server-only" option is a good one, since (I think) that assumes the box is inside a firewall, not exposed directly to the net.  I need firewall and server functions, but no gateway, proxy, etc.

It looks like configuring a box as a Server/Firewall/Gateway may create problems if there's only one NIC.  (I'd try this, but my only spare machine at the moment is currently a pre-production full SME gateway/server box.)
 
Questions:

How should SME be configured to best do this?

Is it feasible to securely remotely manage everything in this configuration?  If so, how?

Thanks,

Dub

Title: Re: How to config External-ONLY SME server?
Post by: Les Mikesell on April 12, 2002, 08:04:20 PM

The simple way would be to toss in another $10 NIC card and configure as host/gateway, then just don't plug anything in on the LAN side.  A side effect of this is that you will get a range of IP's from the private side allocated for PPTP connections for your secure management from outside and if you happen to be nearby with a laptop you can plug in directly with a crossover cable and get a DHCP address.  I'm running a couple of boxes that way where there were already dual NICs on the motherboard, but I'm sure adding a card would be much easier than the amount of customization you will have to do otherwise.

Title: Re: How to config External-ONLY SME server?
Post by: Dub Dublin on April 12, 2002, 08:41:42 PM

The problem, of course, is that if I have to use USB ethernet, I'm not sure I can use two of them.  (Heck, I'm not sure I can get *one* working...)  So a single NIC is still preferable...

I like the PPTP idea, though.  Thanks for the suggestion.

Title: Re: How to config External-ONLY SME server?
Post by: Duncan on April 13, 2002, 04:57:19 AM

Just a suggestion. Install IPcop on a low end machine and port forward to your server only SME machine.

IPcop supports usb and port forwarding

Regards Duncan

Title: Re: How to config External-ONLY SME server?
Post by: Andrei on April 13, 2002, 12:24:20 PM

I have run this configuration before but like Les explained I had to have another nic installed initially anyway. I'm not sure if it was a fluke or not but I removed the internal NIC and everything still ran fine the server couldn't tell the difference. Mind you the only thing I did different was disable DHCP. I'm curious to know why you may have to use a USB nic? Personally I think that maybe a linux distro with the installed firewall and Apache web server would be a more trouble free solution.