Segmentation of Server Network

Hi All,
What is the best practice to segment off the servers VLAN?
There have been some discussions where it has been suggested to us that we maybe put a firewall in front of the core switches and have all traffic go through that.
How realistic is this given the numbers: around 200 VMs, including AD, Exchange, SQL and so on?
We already have separate VLANs.

From a security standpoint it is recommended to put them behind a firewall on a DMZ interface away from the rest of the network; this is to control inbound and outbound access. With that being said, you need to consider if any of the services you provide on those servers is sensitive to NAT translations; if there is no problem with NAT you can have the firewall translate.
Javier Zamora
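As an added example (not part of the thread and not any vendor's configuration), here is a small Python model of the kind of first-match policy a firewall in front of the server VLAN would enforce. Zone names, port sets and rule order are assumptions chosen to match the services the question names (AD, Exchange, SQL); the audit function checks the policy against the flows that must work and the flows that must not, which is the test you want to run before and after moving ~200 VMs behind a firewall.

```python
"""First-match firewall policy model for a segmented server VLAN.

Added example: zones, ports and rules are constructed assumptions, not
configuration taken from the thread or from any product.
"""
from dataclasses import dataclass
from typing import FrozenSet, Iterable, List, Tuple


@dataclass(frozen=True)
class Rule:
    src: str              # source zone, or "any"
    dst: str              # destination zone, or "any"
    proto: str            # "tcp", "udp" or "any"
    ports: FrozenSet[int]  # destination ports; empty set means every port
    action: str           # "allow" or "deny"

    def matches(self, src: str, dst: str, proto: str, port: int) -> bool:
        return (self.src in ("any", src)
                and self.dst in ("any", dst)
                and self.proto in ("any", proto)
                and (not self.ports or port in self.ports))


def evaluate(rules: Iterable[Rule], src: str, dst: str, proto: str, port: int) -> str:
    """First matching rule wins; an implicit deny closes the policy."""
    for rule in rules:
        if rule.matches(src, dst, proto, port):
            return rule.action
    return "deny"


Flow = Tuple[str, str, str, int]  # (src zone, dst zone, proto, dst port)

# Well-known AD ports. A real AD policy also needs the RPC dynamic range
# (49152-65535/tcp); it is left out here to keep the example short.
AD_TCP = frozenset({53, 88, 135, 389, 445, 636, 3268, 3269})
AD_UDP = frozenset({53, 88, 123, 389})

# Assumed policy: clients reach only published service ports, SQL is reachable
# from the application tier only, and servers never open sessions to clients.
POLICY: List[Rule] = [
    Rule("clients", "servers", "tcp", AD_TCP, "allow"),
    Rule("clients", "servers", "udp", AD_UDP, "allow"),
    Rule("clients", "servers", "tcp", frozenset({443}), "allow"),      # Exchange HTTPS
    Rule("mailgw", "servers", "tcp", frozenset({25}), "allow"),        # inbound SMTP
    Rule("appservers", "servers", "tcp", frozenset({1433}), "allow"),  # SQL
    Rule("servers", "clients", "any", frozenset(), "deny"),
    Rule("any", "any", "any", frozenset(), "deny"),
]

REQUIRED: List[Flow] = [
    ("clients", "servers", "tcp", 389),
    ("clients", "servers", "udp", 88),
    ("clients", "servers", "tcp", 443),
    ("appservers", "servers", "tcp", 1433),
]
FORBIDDEN: List[Flow] = [
    ("clients", "servers", "tcp", 1433),  # workstations straight to SQL
    ("clients", "servers", "tcp", 3389),  # RDP from the user VLAN
    ("servers", "clients", "tcp", 445),   # server-initiated SMB to clients
]


def audit(rules: List[Rule], required: List[Flow],
          forbidden: List[Flow]) -> List[Tuple[Flow, str, str]]:
    """Return (flow, expected, actual) for every flow the policy gets wrong."""
    findings = []
    for flow in required:
        actual = evaluate(rules, *flow)
        if actual != "allow":
            findings.append((flow, "allow", actual))
    for flow in forbidden:
        actual = evaluate(rules, *flow)
        if actual != "deny":
            findings.append((flow, "deny", actual))
    return findings


# A blanket allow placed at the top is the usual "it works, ship it" mistake;
# the audit catches it because forbidden flows become reachable.
OVERLY_PERMISSIVE: List[Rule] = [
    Rule("clients", "servers", "any", frozenset(), "allow")] + POLICY

if __name__ == "__main__":
    for name, rules in (("segmented", POLICY), ("permissive", OVERLY_PERMISSIVE)):
        result = audit(rules, REQUIRED, FORBIDDEN)
        print(f"{name}: {'no findings' if not result else result}")
```

The two lists are the contract for the migration: populate REQUIRED from what the servers actually serve (the NAT question in the reply above belongs in the same inventory, since a service that embeds its own address in the protocol will need a no-NAT path), keep FORBIDDEN for the lateral-movement paths you are cutting, and re-run the audit after every rule change.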

Similar Messages

  • What's the best way to segment my home network?

    I run a home-based business and would like to segment my home network so that I've got my home users on one "leg" and my business on another, so that remote users logging in to the business network cannot possibly access my home network.
    I have a remote business partner and contractors who need to access my Windows SBS 2003 (to include Exchange server and an Opentaps database).
    I have my AEBS and I also have a Linksys router. I'd like to keep my home access on my AEBS (numerous Apple components that are best served by the AEBS) and business behind the Linksys.
    What is the best way to accomplish this goal?
    Thank you,
    Melissa

    Do you have any suggestions for best practices in this case, or a starting point? A book or website to which I could refer for explanations of network arrangements and the benefits of various configurations?

    I would recommend starting with the Cisco RVS4000 Administrative Guide, which goes into more detail on each of this router's features, specifically the sections on VPN & L2 Switch, which cover configuring the router for remote access and VLANs respectively.
    If you need further assistance in setting up either, you can try the Cisco User support forums or consider hiring a network specialist to fine-tune the network based on your requirements.

    Would I then attach my RVS4000 router directly to the modem and then the AEBS attached to the RVS4000? Does the RVS then act as DHCP server?

    Yes, you will want to configure the RVS4000 as your "main" Internet router so that you can take advantage of both the VPN & VLAN features. In addition, the Cisco is a business-grade router and offers far more control than consumer-grade routers like the AirPorts or similar routers.

    Local/home network users have no need of connecting to SBS, and SBS is only serving up Exchange functionality and the Opentaps database (which is accessed via web browser).

    Using the RVS4000's VLAN feature, you could configure a separate VLAN segment just for non-business use. This has the added benefit of not only separating the users but also may provide better bandwidth as business & non-business traffic would be on different VLAN segments.

  • Network protocols are not showing in sql server network configuration manager

    Hi,
    We are running the 64-bit SQL Server 2012 SP1 version. Everything was working fine but suddenly SQL Server Network Configuration is showing blank.
    So please suggest how I can get it back.

    Hello,
    Could you please try to repair the installation?
    http://technet.microsoft.com/en-us/library/cc646006(v=sql.110).aspx
    Hope this helps.
    Regards,
    Alberto Morillo
    SQLCoffee.com

  • The server network address can not be reached or does not exist

    Hi all,
    When I am trying to configure mirroring, I am getting the below error:
    The server network address "TCP://RDEEPA:5022" can not be reached or does not exist. Check the network address name and reissue the command. (Microsoft SQL Server, Error: 1418)
    TCP/IP and Named Pipes connections are enabled in both the principal and mirror server configuration.
    I post the complete error message below, which is in red:
    TITLE: Database Properties
    An error occurred while starting mirroring.
    ADDITIONAL INFORMATION:
    Alter failed for Database 'success'.  (Microsoft.SqlServer.Smo)
    For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&ProdVer=9.00.1399.00&EvtSrc=Microsoft.SqlServer.Management.Smo.ExceptionTemplates.FailedOperationExceptionText&EvtID=Alter+Database&LinkId=20476
    An exception occurred while executing a Transact-SQL statement or batch. (Microsoft.SqlServer.ConnectionInfo)
    The server network address "TCP://RDEEPA:5022" can not be reached or does not exist. Check the network address name and reissue the command. (Microsoft SQL Server, Error: 1418)
    For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&ProdVer=09.00.1399&EvtSrc=MSSQLServer&EvtID=1418&LinkId=20476
    BUTTONS:
    OK

    Hi,
    I have the same problem. However beginning over and over again and using other ports did not solve this unfortunately.
    Here is the SQL I used to set up the mirroring.
    * Principal DB
    -- Endpoint the mirror connects to. The Windows account the partner's
    -- SQL Server service runs as must be able to authenticate to it.
    CREATE ENDPOINT [MirroringEndpoint]
        AUTHORIZATION [DOMAIN\administrator]
        STATE = STARTED
        AS TCP (LISTENER_PORT = 5022, LISTENER_IP = ALL)
        FOR DATA_MIRRORING (ROLE = PARTNER,
                            AUTHENTICATION = WINDOWS NEGOTIATE,
                            ENCRYPTION = REQUIRED ALGORITHM RC4);
    -- Full backup plus log backup to seed the mirror
    BACKUP DATABASE TEST
        TO DISK = 'C:\full-backup.bak'
        WITH FORMAT;
    BACKUP LOG TEST
        TO DISK = 'C:\log.bak';
    -- Run this last, after the mirror has been restored and its partner set
    ALTER DATABASE TEST SET PARTNER = 'tcp://sql2.domain.local:5022';
    * Mirroring DB
    CREATE ENDPOINT [MirroringEndpoint]
        AUTHORIZATION [DOMAIN\administrator]
        STATE = STARTED
        AS TCP (LISTENER_PORT = 5022, LISTENER_IP = ALL)
        FOR DATA_MIRRORING (ROLE = PARTNER,
                            AUTHENTICATION = WINDOWS NEGOTIATE,
                            ENCRYPTION = REQUIRED ALGORITHM RC4);
    -- Restore both with NORECOVERY so the database stays in restoring state
    RESTORE DATABASE TEST
        FROM DISK = 'C:\full-backup.bak'
        WITH NORECOVERY;
    RESTORE LOG TEST
        FROM DISK = 'C:\log.bak'
        WITH FILE = 1, NORECOVERY;
    ALTER DATABASE TEST SET PARTNER = 'tcp://sql1.domain.local:5022';
    The last statement on the principal server gives me the following error :
    Msg 1418, Level 16, State 1, Line 1
    The server network address "tcp://sql2.domain.local:5022" can not be reached or does not exist. Check the network address name and that the ports for the local and remote endpoints are operational.
    From the principal server I'm able to ping the mirror server and can establish a telnet connection. When the statement gets executed even netstat gives me the following output :
    TCP    0.0.0.0:5022           0.0.0.0:0              LISTENING       1244  [sqlservr.exe]
    TCP    10.1.1.140:5022       10.1.1.110:1223       TIME_WAIT       0
    TCP    10.1.1.140:5022       10.1.1.110:1226       TIME_WAIT       0
    TCP    10.1.1.140:5022       10.1.1.110:1216       TIME_WAIT       0
    TCP    10.1.1.140:5022       10.1.1.110:1218       TIME_WAIT       0
    TCP    10.1.1.140:5022       10.1.1.110:1225       TIME_WAIT       0
    TCP    10.1.1.140:5022       10.1.1.110:1222       TIME_WAIT       0
    TCP    10.1.1.140:5022       10.1.1.110:1221       TIME_WAIT       0
    TCP    10.1.1.140:5022       10.1.1.110:1224       TIME_WAIT       0
    TCP    10.1.1.140:5022       10.1.1.110:1219       TIME_WAIT       0
    TCP    10.1.1.140:5022       10.1.1.110:1220       TIME_WAIT       0
    Is it normal so many ports get opened?
    Any help would be greatly appreciated (as this drives me crazy :-( )
    Found the problem eventually. The mirroring ran as the NT AUTHORITY user instead of DOMAIN\administrator.
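The netstat snapshot above is the most useful artefact in this thread, so here is an added example (not from the thread) of reading it systematically in Python: a parser for the Windows `netstat -ano` row format and a triage function that turns the rows for the mirroring port into one of four verdicts. The sample snapshot is constructed from the lines the poster shared; the mapping from "listener up, partner only ever in TIME_WAIT" to "look at endpoint authentication" encodes the thread's own outcome and is a pointer, not a proof.

```python
"""Triage a database mirroring endpoint from a netstat snapshot.

Added example. Interpretation: a listener plus repeated short-lived sessions
from the partner means TCP reachability is fine, so error 1418 is more likely
an endpoint login/permission problem than a network one.
"""
import re
from collections import Counter
from typing import Dict, List, NamedTuple


class Conn(NamedTuple):
    local_ip: str
    local_port: int
    remote_ip: str
    remote_port: int
    state: str


# Windows "netstat -ano" TCP row: proto, local addr:port, remote addr:port, state, pid.
# UDP rows and the header have no state column and are skipped.
LINE_RE = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+(\S+):(\d+)\s+([A-Z_]+)")


def parse_netstat(text: str) -> List[Conn]:
    conns = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            conns.append(Conn(m.group(1), int(m.group(2)),
                              m.group(3), int(m.group(4)), m.group(5)))
    return conns


def triage_endpoint(conns: List[Conn], port: int) -> Dict[str, object]:
    """Classify what the snapshot says about the endpoint listening on `port`."""
    on_port = [c for c in conns if c.local_port == port]
    listening = any(c.state == "LISTENING" for c in on_port)
    sessions = [c for c in on_port if c.state != "LISTENING"]
    by_state = Counter(c.state for c in sessions)
    # Each connection attempt from the partner uses a fresh ephemeral source
    # port, so many rows with different remote ports is expected, not a fault.
    partners = sorted({c.remote_ip for c in sessions})
    if not listening:
        verdict = "no_listener"   # endpoint stopped, or bound to another port
    elif by_state["ESTABLISHED"]:
        verdict = "established"   # transport and handshake both completed
    elif by_state["TIME_WAIT"]:
        verdict = "auth"          # partner reaches us, we close at once:
                                  # check the endpoint login / CONNECT grant
    else:
        verdict = "network"       # nobody reaches the listener at all
    return {"listening": listening, "partners": partners,
            "time_wait": by_state["TIME_WAIT"],
            "established": by_state["ESTABLISHED"], "verdict": verdict}


# Constructed snapshot modelled on the rows posted above.
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:5022           0.0.0.0:0              LISTENING       1244  [sqlservr.exe]
  TCP    10.1.1.140:5022        10.1.1.110:1223        TIME_WAIT       0
  TCP    10.1.1.140:5022        10.1.1.110:1226        TIME_WAIT       0
  TCP    10.1.1.140:5022        10.1.1.110:1216        TIME_WAIT       0
  TCP    10.1.1.140:5022        10.1.1.110:1218        TIME_WAIT       0
  TCP    10.1.1.140:5022        10.1.1.110:1225        TIME_WAIT       0
  TCP    10.1.1.140:5022        10.1.1.110:1222        TIME_WAIT       0
  TCP    10.1.1.140:5022        10.1.1.110:1221        TIME_WAIT       0
  TCP    10.1.1.140:5022        10.1.1.110:1224        TIME_WAIT       0
  TCP    10.1.1.140:5022        10.1.1.110:1219        TIME_WAIT       0
  TCP    10.1.1.140:5022        10.1.1.110:1220        TIME_WAIT       0
  UDP    0.0.0.0:1434           *:*                                    2040
"""

# Constructed counter-example: the listener is up but nothing ever connects,
# which is the case where a firewall or name resolution is the right suspect.
QUIET = "  TCP    0.0.0.0:5022           0.0.0.0:0              LISTENING       1244\n"

if __name__ == "__main__":
    for label, snap in (("posted", SAMPLE), ("quiet", QUIET)):
        print(label, triage_endpoint(parse_netstat(snap), 5022))
```

Run it against a fresh `netstat -ano` taken on the principal while the ALTER DATABASE ... SET PARTNER statement executes; the `partners` list also confirms that the address connecting to port 5022 is really the mirror you configured and not some other host.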

  • Just FYI, new blog post "Windows Server Networking Resources"

    Hi there -
    Just FYI, new blog post "Windows Server Networking Resources" at
    http://aka.ms/vrigwx
    Thanks -
    James McIllece

    Hi James,
    Thanks for sharing.
    Best Regards.
    Steven Lee
    TechNet Community Support

  • Error re Messaging Server Network Connection?

    When I try to sync from my Desktop Manager, I get an error message stating: "The messaging server network connection is no longer available. Message synchronization cannot continue." I have tried everything I can think of (even uninstalling DM and resetting configurations). Nothing worked. Can anyone help me? I have a BB Tour and the DM (version 5.0.1) is running on Windows 7. Thank you!

    Are you connected to a BES and exchange server at work?

  • Server Network Address on Clustered Instance

    Hi,
    I am looking to configure database mirroring and as part of this need to specify the server network address. The primary instance is on a 2-node cluster and the mirror database is on a separate instance on a standalone server. When creating the server network address on the clustered instance, should I specify the hostname/IP address of the SQL cluster, and if so, do I need to do this on both nodes in the cluster?
    Thanks

    Hello.
    You need to specify the SQL Server virtual cluster name, not a specific node IP or hostname. For outside applications this virtual name acts as a single SQL Server.

  • External IP address at the server network interface behind the router

    Hello to all!
    I am installing Mac OS X Snow Leopard Server and using it behind my AirPort router as a mail and web server. I set up the AirPort's NAT section with the 'Enable default host at' option and all services are working well, but one thing that I want to understand is the 'network interfaces' section in the 'Server admin' of Leopard Server. Only the internal IP address (10.0.1.2) that my server uses is listed there, but not my static external IP address. Is this correct? Or should I also manually add the external IP address, which is now actually used by my AirPort router?
    If I should, how do I do it correctly: using virtual interfaces in the network section or somewhere else?

    So, with any AirPort routers I can't route my public static IP address to the Mac OS X Server machine? I need another router device for this, am I right?
    Your Airport uses your public static IP address.
    Your Airport is typically then configured to port-forward inbound traffic along to your server at your own private static IP address via NAT. The mechanism known as port-forwarding is (once it is configured) how traffic routing to your public static IP address gets routed to your private static IP address.
    In general (and unless something like NAT is involved), there's only one host box active at one IP address at a time.
    I am not sure, but I think that the server network interface should have a public static IP address, but with this configuration I can't see it.
    If you would be so kind as to tell me what particular part(s) of this article (http://labs.hoffmanlabs.com/node/275) are confusing and why, I'll see if I can address the confusion and update the article.

  • Connectivity Issue - Server Network

    Hi you all
    I'm having connectivity issues, from my network, with the server network that's located behind the ACE 4710... I'm monitoring the servers and I get timeouts with a simple ICMP monitor...
    I never have problems regarding the access to the Admin context, but in the context that I use to load balance the applications I have problems reaching the servers directly...
    For example... I have two servers and I lose connectivity with one of them for about 2-5 minutes and then I regain connectivity... If I undo the ft group and redo the ft group I regain instant access to the server...
    I cleared all the config for the actual loadbalance and left the config regarding the client and server networks...
    Any help??
    Thanks in advance...

    Thanks for the reply Gilles...
    What do you mean by a show tech...
    I'm looking at your blog posts... to see if it helps...

  • Server network in a Netweaver environment

    Hello there,
    I have a question regarding building a server network in a Netweaver landscape.
    First of all, here's our situation. Our SAP systems are hosted externally and we've had a few ORA-3113 and ORA-3114 errors recently (for those not using Oracle, this is an error that occurs when the application disconnects momentarily from Oracle; it usually happens during network problems). In investigating this problem, I discovered that our hosting partners have not built a server network and all server traffic shares the client network. The problem was caused by the daily backup being incorrectly configured so that it also ran over the network instead of over fibre to the tape library.
    I did some further reading into the above problem and found the 'Adaptive Infrastructure for mySAP' book from SAP Press states that server networks are generally no longer necessary because a Gbit LAN backbone can provide enough bandwidth to handle up to 4000 users (we have only 600). However, the book does not mention how much traffic can be generated in a Netweaver environment with R/3, BW, APO, SolMan, etc... components all talking to each other. We currently only run ECC5 (with 3 app servers) and SolMan, so our server traffic isn't great. However, we plan to add BW and APO soon and I fear that the lack of server network could cause us problems.
    On to my main question - can anyone provide me with real-world examples of how your landscapes are built and whether or not you use a server network to isolate your server traffic. What are your thoughts on the subject?
    Kind regards,
    Arwel Owen.
    BASIS Manager,
    Princes Ltd.,
    Liverpool, UK.

    Hi,
    Since each KMS key can be installed on up to six KMS hosts, you can configure another KMS host in your test environment.
    Not quite sure about the KMS host upgrade you referred to. If you don't want to update the OS, some patches will be required.
    For your information:
    Understanding KMS
    http://technet.microsoft.com/library/ff793434.aspx
    An update is available for Windows 7 and Windows Server 2008 R2 KMS hosts to support Windows 8 and Windows Server 2012
    http://support.microsoft.com/kb/2691586
    Update adds support for Windows 8.1 and Windows Server 2012 R2 clients to Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012 KMS hosts
    http://support.microsoft.com/kb/2885698
    Hope this helps.

  • Add new Oracle VM 3.0.2 server & network, SAN configuration

    Hi,
    I'm installing an Oracle VM 3.0.2 cluster with 4 Oracle VM servers.
    The cluster has been installed with 2 servers, the network has been configured (3 VM networks and 1 admin network).
    The storage has been configured, some VMs have been created.
    And live migration has been performed.
    Perfect.
    When I'm connecting on the server, I can see the network configuration on Linux (bridge, VLAN, etc.) and storage (pool and repository).
    Now, I have two other servers and I'm installing one with Oracle VM Server 3.0.2.
    The installation is OK, I discovered the server in Oracle VM Manager without problem.
    When I'm adding the server to the pool, the operation is successful, and now I have a pool with 4 servers.
    In Oracle VM Manager, I can see these new servers in the Network, VLAN Groups and Storage Arrays tabs.
    But, on the server, the network configuration is not configured; I don't have the configuration like the other servers.
    No bridge, no new VLAN.
    And the ocfs2 repository filesystem is not mounted.
    And I don't know why.
    Do you have any idea?

    "We fixed a bug in 3.0.3 where the networks are not created on the new server correctly. 3.0.3 is busy being uploaded to the Oracle Software Delivery Cloud, so it should be available in a few days. In 3.0.3 we automatically configure the network on-the-fly as guests that require each network component are started."
    I have upgraded to 3.0.3:
    - the Oracle VM Manager
    - these 2 servers already in the pool
    - and the new server
    I add it to the pool, and the networks are not configured.
    I made a new install from scratch of the new server, and same problem.
    I create a new VLAN segment in the pool, and this segment is configured on all servers, including the new one.
    I copied the network configuration from an active server to the new server.
    I rediscover the server.
    OK, 3.0.3 seems to be available on Oracle Delivery, I will download it as soon as possible.
    "The repository needs to be presented to the new server that's joined the pool." Can you explain that to me? I found the present/unpresent repository option on the repository tab; it's OK now.
    Now I can migrate a VM to the new server, all works fine.
    I'm waiting for the last server to be available (SAN connection problem).
    I will see if the problem is the same.
    Best regards

  • Segmenting guest iscsi network from esx iscsi network

    Should I segment the network the guest uses to directly connect to luns from the network esxi uses for its vmfs luns?  Is it adequate to control this on the storage side or should we worry about the network access also?  I'm wondering what the best practice is in this case.
    thanks,
    Cale

    Hi Rob,
    " I thought I would still need access to the storage network with shared VHDX's? "
    I agree with you on using shared VHDX:
    http://technet.microsoft.com/en-us/library/dn265980.aspx
    Guest operating system requirements        
    You must use Windows Server 2012 or Windows Server 2012 R2 for the guest operating system. If you use Windows Server 2012, you must upgrade the Hyper-V integration services to the Windows Server 2012 R2 version.
    " Don't I still need a network for guest cluster communication ie heartbeat? "
    I would suggest you reserve it.
    Best Regards
    Elton Ji

  • Lion Server network accounts not working on some computers.

    Hello all -
    I'm currently having an issue with network accounts working on some Macs but not others. I have a Mac Mini and a MacBook Pro. The Mac Mini works fine and I can login and sync my network account with the server just fine. However, I cannot connect to it from my MBP.
    When I try and connect I get an error that says "You are unable to log in to the user account "xxxx" at this time. Logging in to the account failed because an error occurred."
    If I login through console (by typing in ">console" in the username field) I get an error that says the user does not have a home directory...
    I have searched numerous other forums but I have not found a solution that seems to solve this problem. I have unbound and re-bound my client to the Open Directory and I have restarted file sharing. Neither has solved the problem. I have a feeling the issue originates somewhere on the MBP since I can log in to the Mac Mini without any problems.
    Any more suggestions?

    Thanks for your suggestion, SolidWood. Unfortunately it didn't help.
    After a 90 minute phone call with AppleCare, this issue has finally been resolved. Here is what the solution was. Turns out it was pretty simple but it took a while to find it.
    First we created a test user and left the home folder set to Local Only in the Server App. I was successfully able to login with the test user on both clients but since there were no mobility preferences set, it was pretty basic.
    Then, we removed the Users sharepoint from file sharing, turned off file sharing to disconnect any users, and restarted the server. Then we created a new folder on the Server HD with a random name. We chose Darron. We created a new sharepoint in file sharing (with it still turned off), and shared the new folder called Darron. Double click on the sharepoint and scroll to the bottom and check the box that says "Make available for home directories over AFP". Then we restarted file sharing.
    Then we opened Workgroup Manager, clicked on the problem user in the left sidebar, clicked on the Home option at the top, and there were three things listed:
         (None)
         afp://servername.com/Users
         afp://servername.com/Darron
    Then we removed the Darron sharepoint from file sharing, and found that it was still listed as a home directory under the problem user.
    This was the root of the problem. The system didn't know which path to use as the home directory.
    Sooooo...
    In the server app, we opened the Directory Utility (Tools in the menubar, Directory Utility). Clicked on Directory Editor. Authenticate to the directory using the diradmin login. Changed view settings to match this below:
    In the left column, there were two paths listed for home mounts. We deleted both of them, saved changes, and closed directory editor.
    Then, we restarted Workgroup Manager and both paths had been deleted from the users' home listings. This was beginning to solve the problem.
    In the Server App, we recreated the users sharepoint, made it available for home directories, and restarted file sharing and workgroup manager. Now only one path is listed for the home folder for all the users.
    This solved my problem of not being able to login on the MBP. The system synced the home folder and all was well. On the Mac Mini, I had to delete the problem account, un-bind from the network server, re-bind, and recreate the account. Now both clients are syncing perfectly and all is well.
    Thank God I bought AppleCare! Thanks to everyone else for their help and suggestions.
    As a recap, the problem of not being able to login to the MacBook Pro was caused by having multiple paths to the multiple home folders. These rogue paths were added somewhere in the troubleshooting process to try and recreate the home directories before I called AppleCare. To solve this, we had to remove the directory listings from accounts using Directory Editor, remove and recreate the users sharepoint in file sharing. The syncing problem on the Mac Mini was also created when multiple paths were introduced. The system didn't know which files to use.
    Taylor

  • Mountain Lion Server: Network users Home directory mount problems

    I am having several problems with my server after a latest name change of the server via Server.app. (A first name change made problems, after that I have been trying to repair, changing the name a few times more. With latest name change, I also changed the server name itself from Foo to Bar while changing domain name from domain.com to bar.domain.com after which I repaired DNS so it covers the whole domain.com domain).
    The users in the Network directory think their home directory is on afp://domain.com/Users, but the server is now called bar.domain.com. /Network/Servers/bar.domain.com does not exist on the server. Client machines (with mobile home directories) are now able to sync, because I added an A record for domain.com to DNS (not nice, but does the job, or more specifically that job). Also on the clients, I can go to a SHARED folder in Finder with the name Bar and go to Users and see all the home directories there. But:
    bash-3.2# ls -l /Network/Servers/
    total 4
    dr-xr-xr-x  2 root  wheel  1 Apr 14 11:14 domain.com
    dr-xr-xr-x  2 root  wheel  1 Apr 14 11:14 foo.domain.com
    bash-3.2# ls -l /Network/Servers/*
    /Network/Servers/domain.com:
    total 2
    dr-xr-xr-x  2 root  wheel  1 Apr 14 11:14 Users
    /Network/Servers/foo.domain.com:
    total 2
    dr-xr-xr-x  2 root  wheel  1 Apr 14 11:14 Users
    bash-3.2# ls -l /Network/Servers/*/Users
    /Network/Servers/domain.com/Users:
    ls: Users: Input/output error
    /Network/Servers/foo.domain.com/Users:
    ls: Users: Input/output error
    So, on the server looking for folder ~user does not work. It wants to  go to afp://domain.com/Users/user but that is unreachable.
    Any tips on what I can do except do a clean rebuild of the server (again)?
    (One of the obvious problems is that the Realm of OD is still called foo.domain.com, the origin of my problems has been that the first name change from foo.domain.com to domain.com (ill-advised, I know) failed — partly).
    What I'd like to know is:
    - where is it determined which servers end up in /Network/Servers?

    Some additional info:
    Other machines can mount afp://foo.domain.com/, afp://domain.com/ and afp://bar.domain.com/, but the server itself cannot mount them via Finder.

  • Print Server - Network host is busy

    I have set up SLS as a print server with an HP laserjet connected via usb.
    If I add the printer to OSX10.6 clients I get an error whenever I try to print anything stating the "network host xx is busy will retry in 30 seconds"
    I can print no problem from Windows clients - just not Macs
    Any ideas most welcome - I have tried pretty much everything I can think of at this stage?

    I had exactly the same issue with an Epson USB printer. I do not have a Windows machine, but all the Macs were showing "Network host is busy, will retry in..."
    It is working now. I did the following:
    Installed the printer as a USB printer on the OS X server
    In Server Admin, at the server.local, I selected the services tab, and put a check mark against Firewall.
    I then selected the Firewall service and under the service tab, I allowed traffic on IPP and LPR ports.
    I then recreated my print queue using only IPP as protocol.
    My client could connect to this printer as it was advertised as a Bonjour printer @ servername.
    This works even though I have not turned on the firewall service (no green dot) but it seems toggling these ports choices in the Firewall service did something.
    Good luck.
