Announcement

Collapse
No announcement yet.

ban server from connecting to internet

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • ban server from connecting to internet

    Suppose a network Consist of 2 server and 38 clients.
    server 1 is DC and File server.Server 2 Is share Internet for the Clients.
    How is it possible not to allow server1(file server & DC) access to internet.
    What should be the TCP/IP settings of clients.which guideline I should Use.

  • #2
    Re: ban server from connecting to internet

    Remove the default gateway.

    Comment


    • #3
      Re: ban server from connecting to internet

      Originally posted by wullieb1
      Remove the default gateway.
      what will be the clients gateway.Server1 or server 2 IP adress.

      Comment


      • #4
        Re: ban server from connecting to internet

        Server2 should be the clients gateway

        Comment


        • #5
          Re: ban server from connecting to internet

          2 more questions:
          1-when DNS is installed on server 1.should the server 1 address be written on server 2 DNS address(TCP/IP settings)
          2-Do you know any Microsoft/security Corp reccomendations about whether "it's better to set server 2 as DC and installed DNS on that or that or they Accepts with current Configuration.(server1: DC,File server,DNS--server2:Share Internet).Only Data security on File server is important Clients security is not important although Effective For me.

          Comment


          • #6
            Re: ban server from connecting to internet

            Yes, the server1 should be server2's DNS server BUT if you remove the default gateway from server1 it will be unable to perform external DNS lookups or forward requests

            You could install DNS as caching only on server2 if you really want to keep server1 off the internet. Then configure forwarders on server1 to send external requests to server2. Cant see any obvious problems there although I may be missing something.
            Honestly though, its easier to just keep a DG configured on server1

            Im not really sure what you mean by the second question, but I wouldnt personally make server2 a DC if its acting as a router as well
            Last edited by ghughes87; 27th April 2006, 00:24.

            Comment

            Working...
            X