01-05-2011 2:40 PM - edited 01-05-2011 2:48 PM
I got an ESXi server with my personal lab and a few virtual servers. (Web Server/Wordpress, Exchange, etc)
I have an 8-block of static IPs from AT&T. They only told me the IP block by phone and that it would be ready (Phone call took only 10 mins). I went home, set the additional IP range in the RG device. Since I know the device does not allow loopback, I assumed my workaround could be a lot simpler than others since I am using virtual servers.. therefore I can just add additional NICs to my servers. Perhaps one NIC for the local 10.x.x.x address and another NIC with the public static IP address. (I manually assigned static IP addresses to all my servers for LAN and manually assigned my Web and Mail server static public IP addresses to the 2nd NIC) In theory it should work.
BTW - My RG has a 10.x.x.x IP subnet and my VMs are in the same subnet... I just manually assigned IPs to my VMs and printers. All other computers, PS3, etc are DHCP.
Now.. here come my doubts/questions about what I should do next...
1. Should I modify my domain's setting to show NS1 as my server's static ip address (public)?
2. Should I call AT&T and have them create the record on DNS or can I use my Active Directory domain controller as DNS?
3. I know I need to create A, CNAME and MX record for my servers. These would be on my DNS server if I am allowed to run my own.
4. I need to call AT&T and have them unblock port 25?
5. I go into my RG (modem) and modify the firewall to allow port forwarding. (25 for email, 80, etc for Web server) for each public address?
6. Anything else I am missing? Maybe the HOSTS file so I can access my web server locally (using external address?)
Once I get everything working... the challenging part which I am in no rush but would love to have it working if possible...
Let's assume that I will be away for a while and would like to be able to power on/off my physical server and/or I would like to manage my ESXi server.
I would like to set up a VPN. I have a brand new Sonicwall TZ100... Would it be possible for me to set up a VPN behind the RG? If so.. what could happen to the setup since the RG only "sees" one MAC Address (TZ100) - a 1:1?
01-05-2011 2:52 PM
Need a little bit more info:
1. You say this is a personal lab and some virtual servers. Are you intending to make these servers accessible from the Internet?
2. If so, why do you need the 10.x.x.x network?
3. Who is the domain registrar for your internet domain name? Many registrars (like GoDaddy and Network Solutions) provide user-configurable DNS for you.
Answer those questions and we'll move forward from there.
01-05-2011 4:27 PM - edited 01-05-2011 4:33 PM
1. I run SCCM, SharePoint and other software. These I use as a lab.
2. I plan on making my Web Server and OWA accessible from the internet.
3. I run a flat network. My RG is set to use 10.x instead of 192.x
My iDRAC, ESXi, VMs all have manual IPs from this subnet. Other physical computers and gear are in the same
subnet via RG's DHCP. My laptop and desktop use DHCP from the RG but both manage ESXi via its viClient.
4. My domain's registrar is GoDaddy.
5. I just want to host my (currently parked) domain and create two sub-domains for my sons. (Blogs)
and host email (same domain) from my Exchange box.
01-05-2011 5:26 PM
I logged in to GoDaddy. I have not worked with my account/domains for a few years, and I just found out about the DNS Manager.
So... I do not need to change Name Servers, I can change my A record to my Web server IP address, Delete all the CNAMES (aliases) and create/modify one for my mail, and edit/modify the MX record?
I can also add my sub-domains. Anything else I need to do "outside" Go Daddy? (Besides port forwarding in the RG)
01-05-2011 10:46 PM
OK, cool, so you can make all DNS entries that you need at GoDaddy using their DNS manager.
Other than that, you need to call AT&T tech support to have them unblock outbound port 25 so your mail server can operate. You also need to configure the firewall on the RG so that inbound requests are routed to the correct IP address (and port, if you want to run services on alternate ports).
The latest version of the RG firmware (v6.1.x.x) now supports loopback, so you may be able to access these web sites on your static IPs without any hosts files.
01-06-2011 9:31 AM
Please bear with me and the ignorance on the subject.
1. My A host record looks or should look like:
Host = @ / Point To = Web Server Public IP
Now.. my Exchange box has another Public IP. I know I need to create the MX record that looks like:
Host = @ / Point To = mail.mydomain.org
But, where do I state that my mail box has another IP address? Do I just simply create another Host and
Point to under A record and add a second IP address? One box will have port 80 and the other 25 therefore listening to respective ports?
01-06-2011 11:49 AM - edited 01-06-2011 11:51 AM
Ports and IP addresses don't have anything to do with each other. In terms of DNS, you are only concerned with the IP addressing. Ports matter when you configure your firewall.
Yes, you would create two different A records for each host. Then create an MX record pointing to the host that is listening for inbound SMTP. You can also use CNAMEs to point additional names to the same IP address.
@      IN A      192.168.50.1
host1  IN A      192.168.50.1
host2  IN A      192.168.50.2
www    IN CNAME  host1
mail   IN CNAME  host2
; MX takes a priority and a host name (not an IP), and cannot share a name with a CNAME
@      IN MX 10  host2
I substituted 192.168.x.x addresses here, you would use your static IP addresses.
01-07-2011 1:54 PM
Thanks... I managed to get my web server up and running last night and reachable through my domain name.
I just contacted AT&T and had them unblock outbound on port 25. Will test when I get home tonight.
01-12-2011 1:39 PM
Will post later my DNS configuration under GoDaddy. I can send email out from Exchange box, but will not get in from outside.
* - Yes, I have added/created a receive connector, opened port on RG, and firewall is disabled in the server.
01-14-2011 8:01 PM - edited 01-14-2011 8:07 PM
I definitely have a "problem" with my DNS configuration at GoDaddy. I have spent a considerable amount of time doing some reading and trial and error in order to get external email to my Exchange box.
Today, I did some more changes... and although I know one of the settings was "off" I got external email through.. but then my www stopped working. So.. here's what I have right now and my www works but no external email to my Exchange box.
Host = @ Points to = xxx.xxx.xxx.100 (Public IP of my Web Server)
Host = mail Points to = xxx.xxx.xxx.101 (Public IP of my Exchange Server)
Host = ftp Points to = @
Host = www Points to = @
Host = webmail Points to = mail1.mydomain.com (Exchange Box)
MX (mail exchange)
Priority = 10 Host = mail Points to = mail1.mydomain.com
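An added example, not posted by anyone in the thread: an offline consistency check over a record set laid out like the one in the last post, flagging CNAME and MX targets that have no record in the zone, CNAMEs that share a name with other records, MX data that is an IP address, and a missing MX at the zone apex. The domain example.org, the 203.0.113.x addresses and the function names are assumptions made for the illustration.

```python
import ipaddress
# Constructed sample shaped like the record list in the last post. example.org and
# the 203.0.113.x documentation addresses are placeholders, not values from the thread.
RECORDS = [
    ("@", "A", "203.0.113.100"),
    ("mail", "A", "203.0.113.101"),
    ("ftp", "CNAME", "@"),
    ("www", "CNAME", "@"),
    ("webmail", "CNAME", "mail1.example.org"),
    ("mail", "MX", "10 mail1.example.org"),
]

def fqdn(name, origin):
    """Expand '@' or a single label to an absolute name (assumption: dotted names are absolute)."""
    name = name.rstrip(".").lower()
    if name == "@":
        return origin
    return name if "." in name else f"{name}.{origin}"

def check_zone(records, origin):
    """Return findings for CNAME/MX problems that are visible without any DNS query."""
    zone = {}
    for owner, rtype, data in records:
        zone.setdefault(fqdn(owner, origin), []).append((rtype, data))
    findings = []
    if not any(t == "MX" for t, _ in zone.get(origin, [])):
        findings.append(f"{origin}: no MX at the zone apex")
    for owner, rrs in zone.items():
        if len(rrs) > 1 and any(t == "CNAME" for t, _ in rrs):
            findings.append(f"{owner}: CNAME shares a name with other records")
        for rtype, data in rrs:
            if rtype not in ("CNAME", "MX"):
                continue
            target = data.split()[-1]  # MX data is "<priority> <host>"
            try:
                ipaddress.ip_address(target)
                findings.append(f"{owner}: {rtype} points to an IP, needs a host name")
                continue
            except ValueError:
                target = fqdn(target, origin)
            if target != origin and not target.endswith("." + origin):
                continue  # out-of-zone target, cannot be judged offline
            types = {t for t, _ in zone.get(target, [])}
            if not types:
                findings.append(f"{owner}: {rtype} target {target} has no record in this zone")
            elif rtype == "MX" and "A" not in types:
                findings.append(f"{owner}: MX target {target} is an alias, not an A record")
    return findings

print("\n".join(check_zone(RECORDS, "example.org")))
```

An empty list means every in-zone CNAME and MX target resolves to a record in the same set; it does not test reachability of port 25 or the receive connector.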