RE: [m0n0wall] Looking for configuration advice with SBS 2003

From:	"Mark Griswold" <mgriswold at environics dot com>
To:	"James W. McKeand" <james at mckeand dot biz>, <m0n0wall at lists dot m0n0 dot ch>
Subject:	RE: [m0n0wall] Looking for configuration advice with SBS 2003
Date:	Wed, 8 Feb 2006 10:09:09 -0500

James W. McKeand wrote:
> 
> Ditch the Linksys box - unless it is providing wireless...
> 
> I'm making the assumption that you are working with SBS 2003 
> Standard -
> not Premium (i.e. you don't have ISA (Internet Security and
> Acceleration)) You have been "double-NATing" very icky in my book. You
> only need one NIC. Make the LAN interface of the m0n0wall 
> something like
> 10.0.0.254 and have your SBS's DHCP give that IP as the 
> gateway. You can
> re-run the Internet Connection Wizard and configure for an external
> router device (your m0n0). You can also use the m0n0wall as a 
> forwarder
> for your DNS (or use the ISP's)
> 
> I forward HTTP, HTTPS, and SMTP to my SBS from my m0n0wall (Inbound
> NAT).
> 
> For VPN, you have two choices. You can redirect inbound PPTP 
> connections
> to your SBS or you can use the m0n0's PPTP server and use the IAS
> (Internet Authentication Service) per this article:
> http://www.michael-i.com/files/projects/m0n0ad/ 
> 
> This method will allow your SBS to only handle the authentication -
> might be a small off-load. Let your firewall be a firewall and your
> server be a server...
> 

No, the Linksys isn't for wireless so we could ditch that.

Actually we are running SBS Premium and have ISA running with dual NICs.
I am not too keen on changing to a single NIC config since what we have
is 
working well.

It looks like the consensus is "dump the Linksys" so I'll give that a
shot
see how it goes.  Thanks for all the responses.

Mark