Complex Networking Problem

I have a networking issue I am hoping someone can help me with. I have two buildings connected to each through a 10MB lan extender. In each of the buildings I have a DSL connection. In one of the buidlings I have two servers. One widows 2003 and one linux (both with 2 nics).

I need to be able to have the workstations in Building 1 plus 1 workstation in building 2 use the DSL connection in building 1 for internet traffic and be on its own subnet. I need to have the workstations in building 2 except for the 1 use the DSL connection in building 2 for internet taffic and have its own subnet.

I need to have all workstations in all buildings authenticate, file share and use profiles on Windows 2003 server. Therefore windows 2003 server needs to be local to both subnets. The linux server also need to be local to both subnets for database use (actually linux server can be local to only 1 subnet, but would prefer both.)

Firewalling is also important for both subnets, and one of the DSL lines has a wireless rotuer attached to it. I was hoping someone could guide me through configuration and setup of this beast. Thanks.

Also, the equipment I have is what I have to work with. I am not able to go buy a router or something like that.

Wow, this is complex for this message board but hold on, this is what we are are here for. First of all can you tell me why you need to use the DSL connection in the other building? Also it will be very helpful for you if you go to the Microsoft web site and look for a lot of these questions and then Linux.org. Also what is the purpose of the different subnets? If it is okay for both PC's to see the 2003 server and the Linux server what is the point of the different subnets? I would use Active Directory and use policies to manage the access. You can create different groups etc.

If you feel the need you will first need to start by setting up Active Directory on the 2003 server, active directory can do all of this but I don't think you can have more than one subnet on each server, so linux would need to host the other subnet, but you will need to get the linux server to join the domain on 2003 server. Start by laying out the network topology on paper prior to actually setting it up.

Good Luck

-DudeDomain

Actualy this isnt very complex and is a standard multi site setup in most companies and would be easy if you had a cisco 3550 switch (it can route between vlans) as you would put building 2 on its own vlan with its own subnet and make all PCs in building 2 point to the DSL router in building 2 for default gateway except for the one PC would point to the 3550 as its default gateway which would have a default route to building 1's DSL router and on the 3550 enable ip helper (this allows broadcasts to pass through the router so building 2 can authenticate to building 1's servers even though on different network) and poof done. very easy.

(or even a basic router connecting the two buildings you can get a cisco 2500 for $100 on ebay which you would put a static route on the dsl router in building 1 to point to building 2 subnet through the 2500 and a static on the building 2 DSL router to building 1 subnet through the 2500 with only the 1 PC pointing to the 2500 for default gateway with the 2500 default to building 1 DSL, also having ip helper enabled for authentication)

But you dont have a router or 3550 so just put building 2 on its own subnet and put IP addresses on the windows and linux servers second NIC that are in the building 2 subnet and have a hub/switch connect building 2 and the secondary NICs (so you would have a hub or switch with 1 secondary conection from the linux, one secondary from the windows server and 1 connection going to the building 2 lan extender all IP addresses on building 2 subnet) now enable routing and NAT on the linux server to NAT building 2 through it now point all PCs in building 2 to use DSL in building 2 as its default gateway and point the one PC in building 2 to use the linux server as its default gateway all of building one should use the WINS server in building 1. poof your done.

almost forgot on the linux server go into ipchains and only allow http and https traffic to pass.

I have no idea where you are going with active directory doing this?

Where do I hook up the second DSL line (Buidling 1) and all the computers need to be able to get the correct information via dhcp?

Active Directory is setup and is used to manage user accounts. I also have DNS setup for local use and DHCp configured for building 1 machines. I also have 2 wireless DSL routers to throw into the mix.

hook up the second DSL line to the switch you have all the building 1 users on. hook the building 2 DSL line to the switch all the building 2 people are on. you basicly will have 2 seperate physical networks with access from building 2 to building one through the linux box. access to the windows server will be direct from each network through one of its 2 NICs. Setup a second DHCP scope on the windows server or setup DHCP on the linux server doesnt matter.

I didn't say Active Directory would do any of the above you are referring to, and if this person is setting up a domain then they do need to start by setting up Active directory on the 2003 server, that is how oyu promote the sever to domain controller. Also his message said clearly; "Also, the equipment I have is what I have to work with. I am not able to go buy a router or something like that." You start out telling him what he needs to go buy. And this is a complex setup for someone who has never done this before, that is what this message board if for, not to make those in need of advise look stupid.

cmptrguru7, Good luck on your project, I hope you get it up and running.

-DudeDomain

Active Directory is currently seup and users are logging into it. This is not a new setup but a reconfiguration of an old setup. Here is how it is currently setup:

Building 1 computers ---> Switch(1) ---> Lan Extender ---> Building 2 (Lan Extender receiver) ---> Switch(2) ---> linux server NIC 1 (DHCP, NAT/Firewal ----> Linux NIC2) ----> Internet.

Building 2 computers ----> Switch(3) ----> Windows 2003 Server NIC 1 (DHCP, DNS, Active Directory, NAT/Firewall ----> Windows NIC 2) ----> Swtich (2) ---> linux server NIC 1 (DHCP, NAT/Firewal ----> Linux NIC2) ----> Internet.

Two computers in Building look like:

Weird Building 2 Computers ----> Wireless DSL/Cable Router ---> switch(2)......

I hope this helps with my question. I am getting some ideas, but it is still not completely clear?

actualy my point was starting out with $100 router this would take about 10 minutes to configure (in hopes he could get his work to buy one to do this the right way), then to go on and say with the stuff you have it will take about 6 hours to configure and test and ia more complex. However, I did say how to do everything to make it work. I guess it was not clear though since you two are still discussing active directory hehe.

Thanks for everyones help. I figured it out. I combined what everyone said into what I needed. Thanks again.

Looks to me that he has it working, bottom line thats all that matters. I'm sure that all advice was appreciated. Any further questions about active directory, this is a good place to start. Sorry if anyone was confused.. http://www.microsoft.com/resources/...3tr_ad_over.asp

-DudeDomain