help with setting up network

hello!

Recently i bought a second pc and now i want to built a network However before i start i am gathering info , and tips on how best to implement this with the resources i have.

What i have:
*A DSL connection with static IP , DHCP assigned by my ADSL modem w/ built in router (in router mode)(DMZ)
*A computer with 2 NICS for internet and localnetwork (windows server 2003 w/ isa server 2004) (?dns,dhcp?)
*A computer with 1 NIC for the localnetwork (windows server 2003 with http , smtp , pop, ftp service)
*A domain name currently hosted by zonedit.

What i want:
The pc with two NICS will be a dedicated isa server and will control all traffic from and to the Internet. The pc with one NIC will be a web/mail server connected to the internal NIC of the isa server (static)

What else do i need to make this work?
The above is basicly all i want, no need to run AD or for them to join the same workgroup but i am wondering if i need to host my own DNS and DHCP service to make this work. Infact i am almost sure that i have to in order to make the isa server work. If i need to host my own DNS server how can i use my own DNS server for my internal DNS and the zoneedit service for my internet records.


I think setting up DNS will be the biggest issue and i would like to know how i can implement this and any info is greatly appreciated.

Thanks!
Joey_Admin

You don't really need to have either DNS or DHCP servers. Both computers are servers, so you'll probably be giving them static IPs, leaving no reason to have a DHCP server. For the DNS, you only need local DNS servers if you're using AD (which you're not) and I'd suggest you let ZoneEdit handle all your external DNS.

Many thanks for your reply! I think i need DHCP to be able to assign IP addresses to VPN clients for ISA but i am not sure.

Also i have already tried a setup without DNS and DHCP but i could not connect to my published website. I know that's the main idea with a firewall like ISA but i used the proper rules to allow incoming requests.

I think this may have to do with bad routering or dns ( that's why i asked about hosting my own dns).

Would you know of any other possible reason why i would not be able to access published services? From the local network i am able to access the web from any machine.

thanks again for your advise!

Joey

Firstly, let me tell you I don't really have that much experience with ISA server, so don't trust me too much



I would imagine that makes sense, although I've never used ISA for this before.



Are you saying that if you tried to go to www.domain.com from internally within the network, the site didn't work? This is often the case. To get around this, you either need to host your DNS locally for the domain (but I'd still leave external DNS to ZoneEdit) or add appropiate entries to the hosts file in Windows. But your site should still work using http://computername or http://xx.xx.xx.xx

Nope internally everything works fine and yes ive added the routes to both Hosts files. I can not access my website from the Internet even though i *think* i have configured the isa firewall properly to accept and forward web requests to my website. I have the feeling that the isa server does accept the requestbut just can't route (link) to the website on the internal webserver.

Again, internally its no problem ( i can view pages on my webserver from my isa server and i can access isa server from my webserver with terminal services)

I still think it may have something to do with my current dns setup because my isp hosts my reverse dns and zoneedit hosts my a record, mx record and webforwards so maybe it has to do with that.

*Static ip from my isp: 666.666.666.666 - with reverse dns: computer1.domain.net
*a record at zoneedit: computer1.domain.net
*mx record at zoneedit: computer1.domain.net
*webforward at zoneedit: www.domain.net - computer1.domain.net/web
*webforward at zoneedit: domain.net - computer1.domain.net/web

*computerhost names:
isa.domain.net (192.0.0.254)
computer1.domain.net (192.0.0.1)

Thanks again, Joey

I think you're making things more complicated than they need be. On ZoneEdit, when you create the A record, why can't you just set www.domain.net and domain.net to point straight to your static IP address?

Thanks again for your help. Yes it was not easy to find out what exactly caused the problem.

i want to use a webapp (webserver.domain.net/webapp) as my default web site (www.domain.net) and i want it cloaked.

But, i fixed it. Here's how: i changed my adsl modem configuration from 'router mode' to 'bridged mode'

i already suspected something was wrong with the routing but couldnt put my finger on it.