Legal Information
PC Knowledge Base - Configure Small Business Server for Full Time Internet Access with Two Network Adapters
Good Knowledge Is Good2Use

The following provides configuration information for Small Business Server 2000 or BackOffice Server 2000 that is configured with Microsoft Exchange 2000 and Internet Security and Acceleration (ISA) Server on a single computer that is also a domain controller (DC).

This applies to configurations where the server has two network adapters, one for the internal LAN, and the other adapter that is connected to a full-time Internet connection, such as DSL, a cable modem, T1 line, and so on.


This information may be useful to help address any of the following issues: There are separate configurations for servers using one adapter or having a dial-up connection to the Internet.

In these installations, the Domain Name System (DNS) server is the pivotal point for Active Directory (AD) and LAN connectivity. DNS is the AD locator in Windows 2000. AD clients (including the server and its services) use DNS to locate domain controllers for administration and logon. You must have a DNS server installed and correctly configured for AD and the associated client software to function correctly.

The Internet Connection Wizard (ICW) is a tool that is designed to help with the configuration of Windows 2000 networking through LAN connections or remote dial-up, Exchange Server 2000 and the ISA Server.
It is also necessary to gather certain configuration information before using the ICW.
For the purpose of these steps, the IP addresses that are used to connect to the Internet are provided here. Note that these values will be provided to you by your ISP or from your firewall/router if you are using these devices.The following steps are for configuring server internal and external connectivity:

  1. Verify DNS settings for each local area connection:
    1. Click Start, point to Settings, and then click Network and Dial-up Connections.
    2. Right-click Local Area Connection for the internal network, and then click Properties.
    3. Right-click Internet Protocol (TCP/IP), and then click Properties.
    4. The proper configuration in a default SBS installation should look something like this:
      Use the following IP Address
      IP Address: 192.168.16.2
      Subnet Mask: 255.255.255.0
      Default Gateway: blank

      Use the following DNS server addresses:
      Preferred DNS server: 192.168.16.2
      Alternate DNS server: blank
    5. On the WINS Address tab, populate both the primary and secondary WINS addresses for the internal NIC with the 10.0.0.2 address. The IP address for the internal network adapter should be used for the preferred DNS server on the internal local area connection.
    6. Select the external NIC from the and set a valid IP address (192.168.1.2)
      Set the new Default Gateway address to the address of your router (normally 192.168.1.1)
      Add any Domain Name Server addresses that your Internet Service Provider supplies.
      Do not populate the WINS server address for this NIC.
      Do not turn on IP forwarding.
    7. This configuration can use static address information that is provided by an ISP or that may be obtained automatically.
      The proper configuration that is based on the information provided by your ISP should look something like this:
      • Obtain an IP address automatically OR
      • Use the following IP address
        IP Address: static address provided by ISP
        Subnet Mask: static address provided by ISP
        Default Gateway: static address provided by ISP AND

        Use the following DNS server addresses:
        Preferred DNS server: 192.168.16.2
        Alternate DNS server: blank

    NOTE: While possible to achieve similar results with only one NIC, it is not advisable because of the inherent security risk to your internal network. This is also not a supported configuration, as far as Proxy Server is concerned.
    After adding the second NIC along with the appropriate drivers.

    NOTE: This assumes the default IP address of 10.0.0.2 is being used. If the default IP address has been changed, verify the procedure by following information in the following Microsoft Knowledge Base article: 194562 Change the Default IP Address in Small Business Server Verify that the external NIC address does not show up in the ISA Manager's Local address Table (LAT). If the NIC address does, remove it. Important: Use the IP address from the internal network adapter for the preferred DNS server on the external Local Area Connection. Do not use DNS that is provided by an ISP, and do not select the Obtain DNS server address automatically option.

  2. Set the binding order:
    1. Open Network and Dial-up Connections.
    2. On the Advanced menu, click Advanced Settings.
    3. All the local area connections and remote access connections appear in the top window that is named Connections. Use the arrow keys to move connections to the following order:
      1. Local Area Connection for internal adapter
      2. Local Area Connection for external adapter
      3. (Remote Access connections)
    4. Click OK.
    5. Close the Network and Dial-up Connections.
    6. If you are prompted to do so, restart the server.
  3. Run the Internet Connection Wizard (ICW):

    Before starting, you may wish to inspect the flow-chart associated with the ICW procedure.

    The Small Business Server Internet Connection Wizard (ICW) can be started from the Small Business Server Console in a couple of ways.

    • ICW can be called from the To Do List or from Manage Internet Access under More Tasks.
    • If Internet connectivity changes need to be made after the wizard has been run, select Configure Internet Hardware from the Manage Internet Access page of the Small Business Server Console, and then make any changes necessary.
    • Click Start, click Run, type icw, and then click OK.

    The Welcome to the Small Business Server Internet Connection Wizard page.
    1. Click Next.
    2. Select an ISP for a new Internet account is used to connect to a Microsoft Referral Server that helps locate ISPs in your area that have special offerings for customers of BackOffice Small Business Server.

      In some cases these ISPs provide an online sign-up that configures the appropriate Small Business Server services. By selecting Select an ISP for a new Internet account, you launch the Internet Connection Wizard. The ICW then dials the Microsoft Referral Server and downloads a list of ISPs that have special offerings for Small Business Server customers. Therefore, in order to take advantage of this feature, you must have a functional modem on your server.

      If it supports online sign-up, once your new ISP has received your user, system, and billing information, the sign-up server generates an .ins file that is downloaded to your server. This .ins file will configure your dial-up networking connection, Proxy Server, Microsoft Exchange Server, and the information required by the Web Publishing Wizard. Some ISPs distribute sign-up floppy disks. If your ISP does this and is configured specifically for Small Business Server, you will not need to use the Small Business Server Internet Connection Wizard. Follow the instructions included with the sign-up disk to continue the installation.


      The Set Up Connection to Your ISP page.
    3. If you choose Connect to the Internet from the Set Up Connection to Your ISP page (figure above, you are presented with the Configure Hardware page. Through this page you tell Small Business Server what Internet communications hardware connects the server to your ISP.
      The type of hardware determines what other information you'll need later in the wizard; clicking the Form button for each option displays the information you'll need if you select that option.

      The Full-time/Broadband Modem selection is designed for all connection methods that provide a full-time, high-speed connection to your ISP through a second network adapter. This connection is separate from the network adapter attached to the local network. These full-time connections include ADSL modems, cable modems, and the access to these devices through second network adapters. All of this hardware must be configured before proceeding with this wizard. Also, you will need to configure the second (external) network adapter with a static IP address before continuing with the wizard. Small Business Server installs the DHCP server by default, and Windows NT (which is part of BackOffice Small Business Server) does not currently support using the DHCP server and the DHCP client on the same computer.


      The Configure Hardware Page

      Configure the hardware, and then click Configure Full-time Broadband Connection.
    4. The Set Up Router Connection to ISP page gathers the information needed to correctly configure Small Business Server for use with a router on the network. The router address, which enables TCP/IP connectivity from the Small Business Server-based network to the Internet, is needed regardless of whether the router is connected directly to the local network or to the second network adapter configured under Small Business Server. These two situations are described in greater detail in "Router Configuration".

      If you are going to configure Small Business Server to be the gateway to the Internet for the client machines, you will need to check the option My router is connected to the Small Business Server via a second network adapter. This option allows you to configure Small Business Server as a firewall.

      The Set Up Router Connection to ISP Page

      The Network Interface Card Configuration page is presented when Small Business Server is configured as the gateway for the local network. This page presents the network adapters in two windows. In the first window, you identify the internal network adapter that will be used for the local network. This internal adapter should be manually configured in the Local Address Table (LAT) in the Proxy Server configuration, using the Microsoft Management Console. In the second window, select the external network adapter that will be used to connect to the Internet.

      If you have more than one network adapter or have changed your IP address from the default address of 10.0.0.2, you will want to confirm the LAT configuration in Proxy Server.


      The Network Interface Card Configuration Page

      Configure networking adapters:
      • In the upper window, click the adapter with the 192.168.16.2 address.
      • In the lower window, click the adapter with the external IP address to the Internet.
    5. Once the external network adapter is selected, the Set Up a Second Network Adapter page appears so that the adapter can be configured to work with a broadband device or router. Before the ICW is run, the external network card must be configured with a static IP address. This is required because the alternative-receiving an address from the server's DHCP service-would require running the DHCP client on the DHCP server, which is not currently supported.
      The default gateway and DNS servers should be configured at this point if they were not configured through the Network area of Control Panel. These settings are required to complete Internet connectivity setup.

      The Set Up Second Network Adapter Page

      Specify your ISP connection information:
      • Default Gateway: (provided by ISP or obtained automatically)
      • Primary DNS server address: (provided by ISP)
      • Secondary DNS server address (optional): (provided by ISP)
      Note: These values populate the DNS Forwarders boxes, not the DNS in the TCP/IP Advanced properties.
    6. Once the networking pieces have been configured, the next step establish the e-mail configurations.

      The Configure Internet Mail Settings page configures Small Business Server to use Internet e-mail. If you are using SMTP e-mail through Exchange Server, select the Use Exchange Server for Internet mail option, which activates the Microsoft Exchange Internet Mail Service in Small Business Server. This is the option to choose, whether you host your own Internet domain and SMTP mail through a full-time connection or you dial in to an ISP that queues your mail until you connect.
      Selecting Disable Exchange Server Internet Mail will disable the Microsoft Exchange Server Internet Mail Service. This option disables only Internet mail through Exchange Server; it does not affect the ability to send mail to others on the local Small Business Server-based network.
      If you have already configured or customized your Exchange Server settings and do not wish to override these settings, select Do not change my Exchange Server settings.

      If you will be retrieving e-mail from POP3 mailboxes at your ISP instead of directly through SMTP, select the Use POP3 for Internet mail option.


      The Configure Internet Mail Settings Page

      Configure Internet mail settings:
      • Exchange Server: Use SMTP for Internet mail.
      • POP3: Disable POP3 electronic messaging*.
  4. Configure Internet Domain Name. This should be the registered fully qualified domain name that would be used to send a user an e-mail message. The example assumes that the message would be sent to User@microsoft.com
  5. Configure SMTP Server Address. Unless required by an ISP, click Use domain name system (DNS) for mail delivery.

    If in the Configure Internet Mail Settings page you select the option Use Exchange Server for Internet mail, the wizard presents the Configure SMTP Mail Delivery page. This page will allow you to configure the sending properties of the Microsoft Exchange Internet Mail Service. The choices available to you depend on the connection type, for a full-time connection (via router or broadband device), select the Use domain name system (DNS) for message delivery option.
    With a full-time Internet connection using Exchange Server for your Internet mail, you should select Use domain name system (DNS) for message delivery. This option will use DNS queries to resolve any Internet e-mail addresses for delivery; thus the connection must be established before mail is sent.


    The Configure SMTP Mail Delivery Page

    Note: A Domain Name needs to be configured as well.

  6. Receive Exchange Mail. Do not send a signal. Message dequeuing may be enabled if this configuration is necessary for mail retrieval. This should be discussed with your ISP for compatibility. Click Next.

    The Receive Exchange Mail Page

    For more details on receiving mail, click here.

    Also check the configuration issues that can arise with POP3 and dsl.
  7. Enable ISA Server packet filtering, select all filters, and then click OK when you receive the warning.
  8. Click Finish.
To help with client connectivity, you may need to modify the Dynamic Host Configuration Protocol (DHCP) scope for your local network. Here is a recommended configuration for the DHCP scope that will work in a majority of configurations. This example assumes that you are using the default setting that is provided with the SBS installation.
  1. Click Start, point to Programs, point to Administrative Tools, and then click DHCP.
  2. Expand the tree so that you see the following information:
    server.domain.local[192.168.16.2]
    Scope[192.168.16.0]
    SBS Scope
    Scope Options
    You should see the following entries:
    Option Name VendorValue
    003 Router Standard 192.168.16.2
    006 DNS Servers Standard 192.168.16.2
    044 WINS/NBNS Servers Standard 192.168.16.2
    046 WINS/NBT Node Type Standard 0x8
If you will be hosting RAS or VPN clients, you must apply the hotfix that is described in the following Microsoft Knowledge Base article: 292822 Name Resolution and Connectivity Issues on Windows 2000 Domain Controller with Routing and Remote Access and DNS Installed 237675 Setting Up the Domain Name System for Active Directory 260362 How to Configure Active Directory on a Home Network

Search Knowledge Base Feedback
If you like our web site refer a friend.
Your friends name.
 Your friends email address.
Your Name
 Your Email Address


© Copyright 1998-1999 GOOD2USE