So me and a friend are trying to set up a network with a few servers. After a lot of configuration and reconfiguration we somewhat got it all working. (I have a few questions)
We have 1 WAN port with 1 assigned IP. Then we have a router, 2 layer 3 switches and 2 layer 2 switches.
We configured the router's f0 port to correspond to the WAN port (outside).
Then we configured the f1 port to our IP address with subinterfaces and VLANs (inside).
f1.5 with ip address, encapsulation, ip nat inside (not sure if I should ip nat inside on each VLAN tho?) etc.
We did the same for subinterfaces f1.10, f1.20, f1.30, f1.40, f1.50, f1.99 and named each VLAN like HR, Sales, Management etc.
Then we added some ip route 0.0.0.0 0.0.0.0 to correspond with 192.168.1.1 which is our router's gateway that we put on f1.5 (we didn't use f1).
Then we added the access list, PAT etc.
We configured the rest of the switches. Every switch could ping each other, including our servers.
We could now also ping 8.8.8.8 from the router but not from the switches.
Question to this part - we can't ping 8.8.8.8 from layer 3 switches. Do we have to put ip route, access list and pat on router 3 switches too?
Windows Server 2016 question
We are running 3 servers, but I'm only gonna talk about 2, that we use static IPs on, from VLAN 40: 192.168.40.12 + 192.168.40.13
We have our main server which is running AD DC.
Then we have another server running DNS + DHCP.
I configured the DNS, and we could all come on the internet with the servers with static dns.
I tried to configure the DHCP, but for some reason our client doesn't receive it.
Then we decided to move the DNS server over to our AD, since that's probably best practice, and deleted the DNS on the now DHCP server.
We set it up just like we did the other server. We can ping 8.8.8.8 from the servers, but we can't get out on the internet.
Not entirely sure what more to say..
What could have gone wrong?
EDIT: Do I have to add the DHCP server as a child domain, in order for it to delegate IPs?
Last question
With all our VLANs configured to groups such as HR, Sales etc.
How do we make a client that logs in to our domain, read that user as a part of the VLAN 10, and therefore he goes on that subinterface or VLAN or IP 192.168.10.x?
Bit confused.
I know it's a bit hard to read, but I am a little stressed about that it worked, and then it doesn't all the time lol.
Hopefully someone can point me in the right direction - much appreciated!