| Author |
Message |
jmos
Guest
|
 Posted:
Thu Jan 06, 2005 1:19 am Post subject:
Second DC |
|
|
Do I need to install the firewall client on my second DC to get it access to
the Internet?
I get the feeling I do. PDC has ISA 2000 on it. |
|
| Back to top |
|
 |
Dave Nickason [SBS MVP]
Guest
|
| Posted:
Thu Jan 06, 2005 2:17 am Post subject:
Re: Second DC |
|
|
The second DC's default gateway should point to the SBS internal NIC, and
the proxy settings in IE should be the same as those on a workstation
(pointing to SBS and port 8080). I've never needed to install the firewall
client on the second DC or member server.
Best practice from a security standpoint is to not browse from servers,
especially DCs. At the risk of Susan Bradley whacking me with a 2x4, I'll
admit to downloading patches and browsing relevant tech support info from
the servers, but it's definitely something to be avoided whenever possible.
"jmos" <jmos@discussions.microsoft.com> wrote in message
news:65C0DD88-1C53-4F02-B835-9AAE97D0C4B2@microsoft.com...
| Quote: | Do I need to install the firewall client on my second DC to get it access
to
the Internet?
I get the feeling I do. PDC has ISA 2000 on it. |
|
|
| Back to top |
|
|
jmos
Guest
|
| Posted:
Thu Jan 06, 2005 2:43 am Post subject:
Re: Second DC |
|
|
Thanks Dave.
Something's gone wrong on my Second DC which errors with 8032 errors about
the Browser (Master Browser).
I've made the changes to the NIC on the second DC (bTW do you recommend
having two NICs on this type of server?), but I get the above errors.
From the PDC I can browse the Network but not the Second DC. However clients
are able to browse both and see shares, printers...
Can you see me doing anything wrong?
"Dave Nickason [SBS MVP]" wrote:
| Quote: | The second DC's default gateway should point to the SBS internal NIC, and
the proxy settings in IE should be the same as those on a workstation
(pointing to SBS and port 8080). I've never needed to install the firewall
client on the second DC or member server.
Best practice from a security standpoint is to not browse from servers,
especially DCs. At the risk of Susan Bradley whacking me with a 2x4, I'll
admit to downloading patches and browsing relevant tech support info from
the servers, but it's definitely something to be avoided whenever possible.
"jmos" <jmos@discussions.microsoft.com> wrote in message
news:65C0DD88-1C53-4F02-B835-9AAE97D0C4B2@microsoft.com...
Do I need to install the firewall client on my second DC to get it access
to
the Internet?
I get the feeling I do. PDC has ISA 2000 on it.
|
|
|
| Back to top |
|
|
jmos
Guest
|
| Posted:
Thu Jan 06, 2005 2:45 am Post subject:
Re: Second DC |
|
|
PS. Should I restrict or reserve the IP's of servers through DHCP?
"jmos" wrote:
| Quote: | Thanks Dave.
Something's gone wrong on my Second DC which errors with 8032 errors about
the Browser (Master Browser).
I've made the changes to the NIC on the second DC (bTW do you recommend
having two NICs on this type of server?), but I get the above errors.
From the PDC I can browse the Network but not the Second DC. However clients
are able to browse both and see shares, printers...
Can you see me doing anything wrong?
"Dave Nickason [SBS MVP]" wrote:
The second DC's default gateway should point to the SBS internal NIC, and
the proxy settings in IE should be the same as those on a workstation
(pointing to SBS and port 8080). I've never needed to install the firewall
client on the second DC or member server.
Best practice from a security standpoint is to not browse from servers,
especially DCs. At the risk of Susan Bradley whacking me with a 2x4, I'll
admit to downloading patches and browsing relevant tech support info from
the servers, but it's definitely something to be avoided whenever possible.
"jmos" <jmos@discussions.microsoft.com> wrote in message
news:65C0DD88-1C53-4F02-B835-9AAE97D0C4B2@microsoft.com...
Do I need to install the firewall client on my second DC to get it access
to
the Internet?
I get the feeling I do. PDC has ISA 2000 on it.
|
|
|
| Back to top |
|
|
Dave Nickason [SBS MVP]
Guest
|
| Posted:
Thu Jan 06, 2005 3:06 am Post subject:
Re: Second DC |
|
|
The browser error you're seeing refers to the "Computer Browser" service -
it's nothing to do with web browsing or Internet Explorer. The browser
referred to by the error you're seeing is what lets you browse your network
through My Network Places -> Entire Network, where you're seeing a list of
computers in your domain.
To troubleshoot this, search on the 8032 error at support.microsoft.com or
see
http://eventid.net/display.asp?eventid=8032&eventno=118&source=BROWSER&phase=1.
If you don't find any clues there, post back including the exact text of the
error message and an ipconfig /all from the second DC.
You should have a range of IP addresses excluded in dhcp, and that range
should include your SBS and other servers, which should all have fixed IP
addresses. Make sure your second DC points to the SBS's Internal NIC IP for
default gateway, primary DNS, and WINS (leave secondary DNS blank).
"jmos" <jmos@discussions.microsoft.com> wrote in message
news:59C99FEB-8EBE-4396-87F2-4DD1EF9EDAE8@microsoft.com...
| Quote: | PS. Should I restrict or reserve the IP's of servers through DHCP?
"jmos" wrote:
Thanks Dave.
Something's gone wrong on my Second DC which errors with 8032 errors
about
the Browser (Master Browser).
I've made the changes to the NIC on the second DC (bTW do you recommend
having two NICs on this type of server?), but I get the above errors.
From the PDC I can browse the Network but not the Second DC. However
clients
are able to browse both and see shares, printers...
Can you see me doing anything wrong?
"Dave Nickason [SBS MVP]" wrote:
The second DC's default gateway should point to the SBS internal NIC,
and
the proxy settings in IE should be the same as those on a workstation
(pointing to SBS and port 8080). I've never needed to install the
firewall
client on the second DC or member server.
Best practice from a security standpoint is to not browse from servers,
especially DCs. At the risk of Susan Bradley whacking me with a 2x4,
I'll
admit to downloading patches and browsing relevant tech support info
from
the servers, but it's definitely something to be avoided whenever
possible.
"jmos" <jmos@discussions.microsoft.com> wrote in message
news:65C0DD88-1C53-4F02-B835-9AAE97D0C4B2@microsoft.com...
Do I need to install the firewall client on my second DC to get it
access
to
the Internet?
I get the feeling I do. PDC has ISA 2000 on it.
|
|
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in