Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » New User. HELP/Advice Please
  •  
d_kc

Messages: 2
Karma: 0
Send a private message to this user
Hey

I have a Windows 2003 Server setup as DHCP and NAT server for 125 Clients. It has two interfaces, one to the internet and one to the local lan.

It's also running Symantec Antivirus Server which manages definitions and stuff for the clients.

There's no AD, no internal DNS (using ISP). Just five Windows workgroups.

my question is can kerio be installed on the win2k3 machine to act as a firewall only and not affect the DHCP & NAT services on the server. Will I have to change any client settings ?
  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
I can only see one problem: if you do not have an internal DNS and KWF is not acting as the DHCP server, you may have problems with traffic rules based on LAN hostnames. For example: I block some computers based on their name (which works here only for KWF DHCP-ed computers because then KWF's DNS can resolve them), something you probably could not do. You could only control PC's based on their IP address, which is impractical for a DHCP setup. That leaves only logged-in user based control.

Of course, if you only want to implement a company wide set of 'rules', all the above does not matter.

Still, I'd suggest you test your setup on another test computer before going live with such an assumption.
  •  
d_kc

Messages: 2
Karma: 0
Send a private message to this user
So what do I do first ?
I want to be able to assign policies on a computer-basis.

Can i just setup another system as a DNS server with windows 2003? Will that be ok?
  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
d_kc wrote on Fri, 29 September 2006 21:39

So what do I do first ?
I want to be able to assign policies on a computer-basis.

Can i just setup another system as a DNS server with windows 2003? Will that be ok?


So how will that DNS server know the DHCP lease table? It probably wouldn't... I think these things only work when the device that is your DHCP server also is your DNS server (with the option for the DNS server to resolve based on the DHCP lease table).

Of course, easiest solution would be to let KWF be the DHCP and DNS server.

And of course: test-test-test before you go. These networking things can become complicated very fast, because of all interconnecting dependencies!

[Updated on: Mon, 02 October 2006 18:28]

Previous Topic: Content-based routing
Next Topic: vpn over modem/isdn direct connetion
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sat Nov 18 16:43:49 CET 2017

Total time taken to generate the page: 0.00419 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.