Win 2K Server + ISA + DSL Help

[ejunkie]

Hello,

This seems like a simple problem; however, I can't seem to get it to work. I'm sure that many of you have implemented this. Here is the situation....

I have a domain with Windows 2000 Server acting as the domain controller, with multiple clients running Windws 2000 Pro. The server has 2 NICs: 1 for the internal domain and 1 going to my DSL Provider. I would like all my lients PCs to be able to access the internet. I also have a personal website that i would like to publish on the server. For these reasons I have installed MS ISA Server 2000 on the server (Firewall protection is also important to me). Should I be installing ISA on my Domain Controller? Is there any problem that I should be aware of?

I'm new at the networking game so I'm not sure how to cofigure ISA to allow access to the internet from the client PCs. I went through the wizzard that is provided by ISA, but no luck. Are there any sites out there that will guide me through this (Step-by-Step Instructions would be great)?

In addition, there is one more problem. My DSL Provider does not provide a static IP, I have to go through their DHCP to obtain an IP addr. Although the IP address does not change very often (maybe every other month), the lease expires approx. every three weeks. As a result, i am forced to reboot my PC every three weeks to renew the lease. Is this gonna cause a problem? Any important notes would be greatly appriciated.

Thank You In Advance!

 

[CoolClark]

Here's a good reference site.

http://www.isaserver.org

 

[Pilot1]

Just a suggestion. We have a similar setup. Instead of using two nics and firewall software, employ a hardware firewall of which there a serveral to choose from. Then you can assign addresses and gateway to firewall automatically using DHCP. The hardware box method is very simple to use, and very dependable. You can host a web server securely behind the firewall box using port forwarding (e.g. 80 for web etc). Check with your ISP about static IP's. Some will allow this for a fee. I've got four subnets running off of this system very dependably.


Pilot 1

 

[ejunkie]

I have already purchased all the hardware, i would like to stay away from further expenses if at all possible. So is there a way to do this without resorting to hardware?

 

[Pilot1]

Microsoft has a couple of great how to's on configuring ICS. There are two methods to setting up Internet Sharing. The simple one is very limited (use if you don't need to have complex DHCP, DNS, WINS functions) A right mouse click on the Local Connection (internet card) and select Sharing Tab. You simply share the connection. Then at workstations (Win2000) run ipconfig, and pick up new lease which will assign ip address, subnet, and gateway addresses in the 192.168.0.x subnet. You have no control over the DHCP Scope, as it will assign the server address to 192.168.0.1 (internal nic card). Make sure that you only have the IP Protocol bound to the internet side card. If you need some suggestions on books, I have a couple at work I can get the names of that I use all the time. There is another more complex method that will allow you to Nat while assigning addresses and employing WINS and DHCP etc. If you have already used the sharing method and could not get the internet to work, make sure to release and renew your dhcp lease using ipconfig. As far as your DSL connection goes, you should not have to reboot your computer to pick up another lease as DHCP is constantly checking up on each lease over your Lease time period. When it fails again, run ipconfig, and check to see if you have an ip address, gateway, and dns server assigments on your network side adapter. You should once again be able to release and renew your adapters lease with out rebooting using ipconfig once again. For a list of switches and help using ipconfig just type ipconfig/? at the command prompt.

Pilot1