Jamsan

Forum Replies Created

Viewing 13 posts - 1 through 13 (of 13 total)
  • Author
    Posts
  • Avatar
    Jamsan
    Member
    in reply to: WSUS Best Practices #361069

    Re: WSUS Best Practices

    Best practice here is to setup a downstream WSUS server at each of the additional site(s) where client computers sit. These servers would download the patches (either from the internet or upstream server) and server out to the client’s on the local LAN. This will limit the amount of data being downloaded by a large margin.

    Avatar
    Jamsan
    Member
    in reply to: no internet on dc(domain) #361068

    Re: no internet on dc(domain)

    On the screen you posted, go into “Managed Network Connections”. From there, right click the active network adapter and go to properties. Highlight TCP/IP v4 (or something similar) and click properties. That will be the IP configuration screen. The bottom of the screen will be the DNS settings. Ensure the primary DNS server is set to the IP address of the server (hint: It’ll be on that screen also).

    Avatar
    Jamsan
    Member
    in reply to: Network cable unplugged #361067

    Re: Network cable unplugged

    Depending on the NIC vendor, there may be additional tools that can show you what’s happening physically with the NIC. However, if it’s reporting unplugged, it’s probably unplugged…

    Avatar
    Jamsan
    Member

    Re: Help Please! Web Base Domain user password management using IIS

    If the passwords never expire, what do they need to change it for?

    Avatar
    Jamsan
    Member
    in reply to: IIS6, multiple websites, one domain #361065

    Re: IIS6, multiple websites, one domain

    Check to make sure only Basic Authentication is enabled for the website and not Windows Integrated (I believe it’s under the Security tab –> Authentication) or something similar.

    Avatar
    Jamsan
    Member
    in reply to: IIS6 to IIS7 HTTP Redirection #361064

    Re: IIS6 to IIS7 HTTP Redirection

    You could try using host headers on the existing IIS 6 server (assuming that’s how your hosting multiple apps now), and have a redirect occur to the apps/virtual directories on the IIS7 server, but with apps running on different ports.

    For example:

    Currently, you have, say, 5 apps running on IIS 6 on Server1. All these are managed by the single public IP and using host headers. For the apps you want to redirect, setup the IIS 6 to have a small redirect script when the default page is hit, to [url]www.example.com:8080[/url], which would be running on the IIS 7 box. From there, you’d need to open up 8080 at the firewall to point to ServerB, and it should be pretty seamless to all parties involved.

    You can probably do this with URL Rewrite/ARR as you want to do, but unfortunately I have little experience with reverse proxy in the IIS world – only Apache.

    Avatar
    Jamsan
    Member
    in reply to: IIS6 to IIS7 HTTP Redirection #361063

    Re: IIS6 to IIS7 HTTP Redirection

    Can you not redirect this at the network level? I.e. if there’s some sort of static NAT or port forwarding taking place from the public IP to the existing IIS 6 server – change that mapping to the IIS 7 server. That would be the cleanest way to do it and you can decomission the IIS 6 server without worrying the new app’s proxying going down with it.

    Avatar
    Jamsan
    Member
    in reply to: 2003 primary DC convert to VM image #361061

    Re: 2003 primary DC convert to VM image

    Does the ESX server HAVE to sit in a different subnet? Couldn’t you just trunk the port going to the ESX server nic(s) and manually tag VLANs with ESX to have the servers in their correct subnets and the DC in it’s correct subnet.

    Avatar
    Jamsan
    Member
    in reply to: ping to a serial interface #361060

    Re: ping to a serial interface

    The download is corrupt.. Can you re-up it?

    Avatar
    Jamsan
    Member
    in reply to: NAT on a stick? #361059

    Re: NAT on a stick?

    How does your satellite office connect back to your main office?

    For the internal users, you can use split brain DNS to get to your DMZ servers (configure internal DNS server with DMZ IPs for the DNS entries you use on the outside as well).
    For external users, setup your Static IP NAT translation to your DMZ IPs like you normally would, setup the proper ACL, open the appropriate ports to the DMZ servers, and setup your external DNS records to point to the public IPs that translate to the DMZ IPs.
    The only question left is how to get your satellite offices working. Answer the very first question should give us a better idea on how to get this working.

    Avatar
    Jamsan
    Member
    in reply to: ping to a serial interface #361058

    Re: ping to a serial interface

    Post up your Packet Tracer file so I can take a look at all of the configs of the routers.

    Avatar
    Jamsan
    Member

    Re: Client can not lease IP from two different scope of DHCP

    tehcamel;157046 wrote:
    Do you just move it to the new vlan and let it pick a new address ?

    TRy:
    ipconfig /release
    change vlan
    ipconfig /renew

    might help.. place i worked at we used to have to do this.

    I can give that shot, but I’d hate to have to tell users that they have to release their IP before undocking and going to a conference room on a different floor..

    Avatar
    Jamsan
    Member

    Re: Client can not lease IP from two different scope of DHCP

    I’ve got the same issue going on as well. Hoping someone can help out with this…

    vonPryz: The ip helper address command allows the DHCP request broadcasts to be forward to the DHCP server on a different subnet, thus allowing the request to be fulfilled..

    Our issue is that the DHCP requests are fulfilled all day long on either subnet, but when a user (not all the time, either) moves from one VLAN to the next, the PC will sometimes fail to get an IP. I still haven’t put my finger around this yet, so any insight is appreciated!

Viewing 13 posts - 1 through 13 (of 13 total)