Server Setup - DNS / DHCP (newbie)

Similar Messages

• Server Setup - DNS Problem

  I am trying to set up a Standard Server behind a router with Leopard Server. I have entered the following manual configuration during setup:
  Local Fixed IP: 192.168.77.15
  Subnet: 255.255.255.0
  DNS Servers: 65.106.1.196, 65.106.7.196
  Domain: server.XXXX.com (where XXXX is my domain name vonyz dot com)
  Name: XXXXserver
  I have a fixed IP address from my ISP and my domain A record points to that IP address and I have a PTR record that points back to my domain.
  The problem is that when the server goes through setup, it creates a server hostname of XXXXserver.local When I try to access the server from the outside, nothing happens. I have set up NAT on my router to forward all ports to the local 192.168.77.15 address.
  Any thougths on what my problem here is?
  Thanks, FVW

  If you are going to use this for server for mail you have to get the DNS set up right for that.
  Local Fixed IP: 192.168.77.15 -------- fine
  Subnet: 255.255.255.0 -------------- really the subnet mask, fine
  DNS Servers: 65.106.1.196, 65.106.7.196 -------- you can't use public DNS for private IP lookups but you can maybe use these as forwarders
  Domain: server.XXXX.com --------- domain is "vonyz dot com" not "server dot vonyz dot com"
  Name: XXXXserver ------ the the whole FQDN is "vonyzserver dot vonyz dot com"
  There should only be one A record for one public IP so either server, www or vonyzserver should be an A record and the others CNAME records to the A record name.
  And the reverse doesn't match as it is only "vonyz dot com" for the public IP.
  Pick one (the one A record name and it should be the one used for the mail server name if any).
  So if you have only these couple of IPs/names it would be easiest to reuse the domain name internally with only private IPs setup in the server DNS server for the services running in that server and public IPs and corresponding names setup for any public services hosted elsewhere (like mail currenty is).
  Or you could use another "private only" domainname internally like vonyz dot private but you still need the server to be able to resolve internal IPs for the public domain name if running your own public mail server (a correct reverse name is important when/if running your own mail server).

• Windows 2008 DNS & DHCP configuration steps for 11gR2 GI install with GNS

  Hi,
  I have windows 2008 R2 server with DNS & DHCP services installed. I am planning to install 2 node RAC with GNS option.
  The problem is i could not find any document to setup the windows 2008 DNS server for the below steps.
  a. Configure GNS VIP : add a name resolution entry in a DNS for the GNS virtual IP address in the forward Lookup file.
  gns-server IN A <virtual_IP>
  where gns-server is the GNS virtual IP address given during grid installation.
  b. Configure the GNS sub-domain delegation: add an entry in the DNS to establish DNS Lookup that directs the DNS resolution of a GNS subdomain to the cluster.
  clusterdomain.example.com. NS gns-server.example.com.
  where clusterdomain.example.com is the GNS subdomain (provided during grid installation) that you
  delegate and gns-server.clustername.com resolves to GNS virtual IP address.
  I am aware that this configuration steps has to be taken care by the System administrator. Here is what he tried and the results.
  My SA was able to Configure GNS VIP in the DNS and the Nslookup works fine for this.
  When he Configures the GNS sub-domain delegation the nslookup fails when trying to resolve the SCAN name.
  Any step by step tutorial for this windows 2008 DNS & DHCP configuration for Oracle GNS setup would be highly appreciated.
  Thanks,
  Ashok Kumar.G

  Hi Guys,
  Any help on this request will be very helpful.
  Thanks,
  Ashok Kumar.G

• Server Setup Success!

  I have struggled with setting up OSX Server for almost 2 years now.  Had a few apple consultants come try, and like me, they failed to be able to get Open Directory to be stable and for users with network homes to be able to work reliably.
  So, I finally just took one of my mac minis from work home and started working on setting it up as a test.
  Followed these steps:
  1. Reformatted drive
  2. Installed newly downloaded mavericks 10.9.4
  3. Setup a local admin user account
  4. Set DHCP with manual IP address and set DNS to 8.8.8.8 and 8.8.4.4
  5. Downloaded Server.app 3.1.2
  6. Opened server.app.  Let it setup DNS services.  used test.miller.private as computer and host names.  Server setup DNS and edited the DNS settings in my network control panel, it added an entry for 127.0.01 before the google entries.
  7.  Setup Open Directory.  For some reason, the certificate it created was only being used to secure OD, so i told it to use it for everything.
  8.  After that though, i was disappointed to see errors like this in the logs:
  slapd[2168]: conn=4041 op=3: attribute "entryCSN" index add failure
  slapd[2168]: => bdb_idl_insert_key: c_put id failed: DB_LOCK_DEADLOCK: Locker killed to resolve a deadlock (-30994)
  And those errors got worse after binding a client.
  BUT, on the server, I opened Keychain access and set it to always trust the various certs that the server had setup, kdc, open directory, etc.  It was a bunch of certificates.  Since then, the logs are clean.  No more deadlocks.  Very little actually shows up in the logs now and so far, network users are working well.
  So maybe this **** thing does work after all?

  Congratulations!. Thanks for sharing this with the community.

• Single server as Soft AP, DC, DNS, DHCP for a small office

  The server is running 2012 R2 Foundation with a wired network for internet (Comcast). It has a WiFi adapter so it can host a wireless network (as a Soft AP). The WiFi host has a static IP 1.1.1.1.
  On the server I have setup AD, DNS, and DHCP services (all bind to that static IP).
  All clients need to connect server and internet via WiFi, and join the domain for work.
  But it looks like the DHCP/DNS services don't like the virtual adapter - although all clients can connect, they cannot get their IP.
  Without AD/DNS/DHCP I can share internet connection with ICS perfectly, so I think the hosted WiFi network is setup correctly.
  I tried to remove the DHCP service, and use ICS to assign IP - it works, but clients cannot see the DNS server and thus cannot join AD.
  What am I missing? Thanks for your help!

  It is never a good idea to run a DC with two NICS. It causes all sorts of problems. (The only exception was SBS server which was designed as a one-box solution). Also, a domain will not run behind ICS. If you are running a domain, the domain clients
  must use the local DNS (on the DC) for DNS, not the DNS relay system of ICS. RRAS/NAT will work because you can configure it so that it does not run its own DHCP function. ICS is not configurable.
    Even if you overcome that problem, you still have the multihomed DC problem. It really isn't worth the effort to save a few bucks.
  Bill

• New server Network & DNS Setup

  I just got a New Dual G5 Server and set it up using the pdfs from apple. Mainly the Getting Started Appendix B page 149 Small Business Setup using the Gateway Setup assistant. I ran into all sorts of problems like being unable to login to the open directory and i think it was my DNS setup that was the problem i then changed the setup multiple times using various How-tos in this thread to no avail.
  So i have reinstalled the the Server software and will start again using the following steps.
  This is my first post so i please let me know if i have provided enough info or to much?
  SETUP:
  ADSL 2 connected to DLINK 4 port Wireless Router (24Mbps) 1 port plugged into Ethernet 1 on Server. Router is setup as a DHCP using 192.168.0.1 and 192.168.0.2 for xserve. subnet mask is 255.255.0.0 (dynamic ip address from ISP)
  Xserve Ethernet 2 will provide DHCP and NAT via a 16 port switch to Computers and Printers. Setup as 192.168.2.1, 255.255.255.0
  I want to use the xserve as a file server, filemaker database server, web server for a test site for some of our content and also possibly an email server.
  INSTALL
  1. Install OSX 10.4 with ethernet settings above eth1 is DHCP eth2 is manual
  assigned, no services will be set to start up and i choose Standalone
  Server
  2. Update with Software Update
  3. Setup DHCP for the Clients - Start Service
  4. Setup DNS use " company.private" for the host name and the DNS server ip
  will be the 192.168.2.1 address
  5. Upgrade to Open Directory Master and Kerberize
  6. Setup Sharepoints for Data Storage and Home directory location
  7. Start Apple File Services AFP
  8. Create user Accounts / Groups
  9. Setup Directory Access on clients to see LDAP server and DHCP.
  Login from clients to get an automounted sharepoint and Home directory,
  "sounds easy when i type it up like that".
  Could anyone let me know if i am doing it the right way or if there is anything i have missed wrong order or something important.
  Should i change the routers subnet mask to 255.255.255.0 ?
  Obviously wireless clients will have access direct to internet due to the router and the routers DHCP. Can wireless users access their Home directory in this manner via the ethernet 1 port?
  Should i just let the router handle the DHCP for everyone and plug it into the switch with only 1 ethernet being used on the server?
  I will eventually have to have another subnet for student computers in the future.
  I would greatly appreciate any advice

  Pretty long post, and I doubt anybody here will want to go through the entire setup process. However, I'd re-think your baisc hardware configuration.
  I don't know why everybody gets so excited about using that second ethernet port on the Xserve. It's necessary in some setups, but if you already have a router providing DHCP on a small network it seems like overkill.
  I'd setup the chain in this order:
  Internet - ADSL Modem - Router - Switch - Xserve / Computers / Printers
  Setup your server with a manual IP address (192.168.0.2 is fine). Point it to itself as the DNS server.
  Leave the router at 192.168.0.1, and configure the router to assign DHCP above the Xserve's address (say, from 192.168.0.10 and up). Also let the router handle NAT.
  Network homes work over wireless, but it's not an entirely satisfactory experience. You might consider using portable homes instead; sync times will still be slow, but overall you'll cut down on network traffic and it should at least appear faster to your users.

• I am trying to setup Microsoft office mail and need assistance  - I am receiving the error, unable to find server and DNS setting in the Network

  I am trying to setup Microsoft office mail and need assistance  - I am receiving the error, unable to find server and DNS setting in the Network

  Which version of OSX and what email provider are you using.

• DNS Router & Server Setup Issues

  I'm running a Mac OS X Server on my local network. I have a D-Link 655 router that connects the machines and conencts to the internet.
  I'd like to use OS X Server's DNS instead of my ISP's. In the D-Link Router I've set the DNS to the OSX server in the WAN section. Unfortunately it doesn't allow my clients on the network to connect to the internet when I do this.
  If I set the DNS on the client to the OS X server it works fine. Or if I set the DNS on the router to my ISP's (or Google's) it works fine too.
  Is this a route configuration issue? Or is this an OS X Server issue?
  Any thoughts on how I might figure out where the problem lies and how to solve it?
  Thanks in advance

  Your DHCP server needs to pass out the IP address of your DNS server (only).  
  In general, you should not include any references your ISP DNS servers anywhere on your network.  Not in your DHCP server, not in your clients, and not as a forwarder within your own DNS server configuration.
  When you make the change, renew the leases of the devices that have the old address if needed, and alter the hard-set DNS server settings in the devices that don't use DHCP.
  The one sort-of exception to this: your DNS server should have its Network settings DNS server address set as 127.0.0.1; as the localhost address.  Not as its IP address.
  And in general, routers don't do DNS.  (Though it's common for folks to refer to devices that provide routing, NAT firewall, potentially VPN servers and other services as a "router", technically routers don't typically include DNS services.  And very few gateway devices - even the fancy ones and expensive ones - implement DNS services.)  Routers (and particularly the usual sorts of network gateways) can generallty have a DNS configuration for two reasons; to forward DNS requests to an upstream DNS server(s), and to have a DNS server address for an embedded DHCP server to pass out to DHCP clients.
  In your particular case, the IP network connectivity is very likely present in both of your test configurations, it's that your clients aren't getting DNS translations.
  Probably more than you ever cared to learn about setting up DNS services on OS X Server.

• Communication between the DNS/DHCP Manager and OES Server

  No communication between the DNS/DHCP Manager Console and OES server (status,start,stop)
  The screenshot shows the tab "DHCP (OES Linux)" in the DNS / DHCP Manager console
  in the bottom of the image it shows the state of the DHCP servers.
  allDHCP.JPG
  The dhcp service is started on all these servers
  You can see that the status is known only for four servers.
  The button "start/stop DHCP service" works fine on this servers and
  the dhcp service can be canceled and also restarted
  But the status of the "dhcp service" is not recognized for all the other DHCP servers
  and so we can not start or stop dhcp service on these servers.
  All servers were installed at different times (last three years) with OES11 and
  are upgraded to OES11SP2 with all patches.
  The server keto (DHCP_keto) is a new installation OES11SP2 few days ago.
  All OES servers were set up identically from me. LDAP, LUM, DMS, DHCP works fine.
  Which service on the OES server is responsible for
  communication (status indicator) between the DNS/DHCP Manager and the OES serve?
  How the status query is performed by the DNS/DHCP Manager?
  How can I test the communication to the server on the client (console)?
  Which configurationfiles I should be compare on the server?
  Thanks in advance
  Gernot

  gernot,
  It appears that in the past few days you have not received a response to your
  posting. That concerns us, and has triggered this automated reply.
  Has your problem been resolved? If not, you might try one of the following options:
  - Visit http://www.novell.com/support and search the knowledgebase and/or check all
  the other self support options and support programs available.
  - You could also try posting your message again. Make sure it is posted in the
  correct newsgroup. (http://forums.novell.com)
  Be sure to read the forum FAQ about what to expect in the way of responses:
  http://forums.novell.com/faq.php
  If this is a reply to a duplicate posting, please ignore and accept our apologies
  and rest assured we will issue a stern reprimand to our posting bot.
  Good luck!
  Your Novell Forums Team
  http://forums.novell.com

• DNS/DHCP app no longer sees DNS/DHCP server.

  When I moved the majority of my Netware 6 servers to OES-NW last year, I started using iManager to handle admin duties for DNS and DHCP.
  With a planned move to OES-L coming up, I tried accessing both services using the DNS/DHCP java console.
  While I am able to log into that console, I am unable to see my DNS/DHCP server or any of the expected components for either service (DHCP pools, zone records, etc...).
  I have tried both the console that is installable from the server and the newer LDAP-based version.
  I have tried both 32 and 64-bit versions on XP and Windows 7, respectively.
  Since I want to move those services to OES/Linux and the java console is the only mechanism that can administrate the services on that platform, I am perplexed.
  My needs are simple, and I could easily move those duties to a SUSE server or even a Windows server, but that is not my preference.
  Any ideas on where to begin troubleshooting are welcome.

  On 06.08.2012 21:56, gathagan wrote:
  >
  > When I moved the majority of my Netware 6 servers to OES-NW last year, I
  > started using iManager to handle admin duties for DNS and DHCP.
  >
  > With a planned move to OES-L coming up, I tried accessing both services
  > using the DNS/DHCP java console.
  >
  > While I am able to log into that console, I am unable to see my
  > DNS/DHCP server or any of the expected components for either service
  > (DHCP pools, zone records, etc...).
  >
  > I have tried both the console that is installable from the server and
  > the newer LDAP-based version.
  > I have tried both 32 and 64-bit versions on XP and Windows 7,
  > respectively.
  >
  > Since I want to move those services to OES/Linux and the java console
  > is the only mechanism that can administrate the services on that
  > platform, I am perplexed.
  > My needs are simple, and I could easily move those duties to a SUSE
  > server or even a Windows server, but that is not my preference.
  >
  > Any ideas on where to begin troubleshooting are welcome.
  You have more than one DNS-DHCP locator object in your tree, and the
  console is picking up a/the empty one. Find the proper object (look at
  the other tab in consoleone or imanager to see if it's connected with
  servers zones and the like), and delete the superflouos ones.
  This is an *extremely* common problem when OES gets introduced into a
  tree, as it by default creates new locator objects in the server
  container, if it's not configured otherwise.
  CU,
  Massimo Rosen
  Novell Knowledge Partner
  No emails please!
  http://www.cfc-it.de

• DNS / DHCP Issues in Server 2008R2 Domain

  Hi folks,
  We’ve been having an ongoing issue for a while now in that some PCs and laptops (Win 7) in our company can’t be contacted by hostname i.e. if we try and RDP from one Windows 7 PC to another the RDP session fails as if the PC isn’t turned on, but it
  is indeed turned on and connected to the network. 
  Even if we ping the host name of a particular computer that is on it fails to reply but if I go into DHCP I can find the hostname bit it has a different IP address assigned to it other than what is listed in DNS for that host name.
  So for some reason when some computers get switched on and be allocated a new dynamic IP address through DHCP the corresponding record in DNS doesn’t seem to get updated meaning we need to go into DNS and manually amend the Host A record with the new
  IP address that it has been given so we can RDP onto that computer using the hostname.
  At present aging and scavenging isn’t enabled in our environment as we are afraid to in case it removes live DNS entries that just haven’t been turned on in a wee while.  Does aging and scavenging just ignore static DNS entires and does aging and
  scavenging work in DHCP as well?
  One other thing I noticed is that if I delete an incorrect DNS Host A record and create it manually and assign the hostname and the correct IP address it says static rather than having a timestamp on it. When I create the new record I always click on our
  domain in the Forward Lookup Zone and on creation I always select Create the associated pointer (PTR) record so not sure why the manual record doesn’t get a time stand.
  So any help/advice or suggestions would be greatly appreciated.
  Thanks,
  Bonemister

  Hi David,
  Thanks for your reply and for clarifying those things for me.  Unfortunately in my workplace when I add a manual DNS Host A record it does become a static entry and doesn't have the '0'
  you mention, do you have any idea why that would be as I'm worried about it affecting things if I were to enable aging and scavenging.
  Is it possible to just enable aging and have it remove entries before a time of my choosing or does scavenging need to be enabled also?
  I still can't understand why the relationship between DHCP and DNS isn't working correctly. Sure if DNS has an A record for a computer and the IP address changes via DHCP there is bound to be
  a way to setup DNS to be able to update the records it holds - do you know if my reading of this is correct.
  By the way, I can confirm that my adapters TCP/IP DNS settings are the same on of the PCs that had the DNS fault as in your screenshot the only different is we have the tick in Append parent suffixes... - would that make a difference.
  Thanks also for that other link, it seems very interesting and I'll have a good read through it carefully before doing anything!!
  Thanks again for you reply and I look forward to seeing any responses.
  Regards,
  Bonemister

• Dhcp server setup

  I am trying to setup a dhcp server.
  I am using the following dhcp.conf:
  option domain-name-servers 192.168.2.1;
  default-lease-time 86400;
  max-lease-time 604800;
  authoritative;
  subnet 192.168.2.0 netmask 255.255.255.0 {
  range 192.168.2.5 192.168.2.55;
  filename "pxelinux.0";        # the PXELinux boot agent
  option subnet-mask 255.255.255.0;
  option broadcast-address 192.168.2.255;
  option routers 192.168.2.1;
  when I try to start the server with "/etc/rc.d/dhcpd start"
  I get this:
  Starting dhcpd.............                                       [FAIL]
  in dmesg I see this:
  dhcpd: no ipv6 routers found
  are they linked?  is dhcpd failing because of no ipv6 routers?  or am I missing some configuration?

  forget about IPv6, it is not a major problem
  1 Do you need your server for pxe booting? I don't know much about it...
  2 What is the name of the dhcp server you're using there? Are you sure that the config file is called dhcp.conf? ( for the dhcp package it has to be dhcpd.conf)
  3 Is your IP address range correct? I mean are you on the same network as your future clients and you share the same IP range? If your server is not on the same network it will not work...
  I've tried your config with my machines, it works fine - after I've modified the IP range for my network ( 192.168.1.x)

• Step by step guide to setup NAP DHCP Enforcement on a separate DHCP server & NPServer?

  Hi,
  Any one has a link or instructions on how to setup NAP DHCP Enforcement with a separate DHCP & NPS (Network Policy Server)?
  Regards,
  Mon

  Hi,
  Video in the web page will demonstrate how to setup a DHCP enforcement of NAP：
  Network Access Protection using DHCP in Windows Server 2008 R2
  http://social.technet.microsoft.com/wiki/contents/articles/network-access-protection-using-dhcp-in-windows-server-2008-r2.aspx
  you can also reference the link below：
  Checklist: Configure NAP Enforcement for DHCP
  http://technet.microsoft.com/en-us/library/cc772356(v=WS.10).aspx
  Best Regards,           
  Eve Wang

• 10.5.1 Server Setup - Help Make it all Work!

  Hello Everyone, I currently have a new MacMini running 10.5.1 with our Calendar, Wiki and File Sharing. I have recently just returned from the Mac OS 10.5 Training Session from Chicago Columbia College and was astonished at what their demo servers did versus what mine has never done lol. We are a small tech company and there isn't much yet in the way of documentation or training or even training materials for Leopard Server. So I wanted to share some of what we learned from the training seminar and hopefully someone will know the proper answers to my questions. This is going to be a bit long winded but I think it's important to convey my questions/concerns.
  1. Ok initial setup of our Leopard server requires you to input a host name and then the domain name. Well after the first install of Leopard we found as I have read amongst the posts for the past 2 hours that if you place let's say macmini in the host-name field then place domain.com in the domain field. After the server setup is complete Leopard Server wants you to chat, vpn, and browse to http://macmini.domain.com/groups as well as mail. This is all well and good if you have access to DNS like I do and can easily make changes to the MX & A records but if your a typical SMB user then you won't and this means that once your e-mail is setup and your ready to start using your server anyone you e-mail will come from [email protected] and not [email protected] which is a huge problem. So be cautious here. I was instructed by Apple after scratching their head to leave the host-name blank and only fill in the domain name here if your on let's say a T1 or other medium with a static IP pointed at your machine or router. So this is my first pet peve, there is a sloppy work around to this by telling the server to receive e-mail for domain.com as well but still whenever you send it comes from the original domain.
  2. Application Setup - Single Sign-on - When I attended Leopard training this week in Chicago I was amazed at how whenever a user (demo -lab environment) logged into ichat, ical, wiki or e-mail there was simple single sign-on kerberos auth. What I mean by this is once the server is up and running and your Mac connects to the network for the first time either by manual add thru the directory application or a new Mac that finds the Leopard server automatically at first boot and you auth a user on the server to that Mac then there is just a single signon from that point on, NOT! For us our users log into their machines, (mind u they are already users on the Leopard server and can log in just fine) and they try to go to their e-mail for the first time it always fails. We then have to disable SSL over SMTP and IMAP and manually type in their passwords because the MacMail clients cannot trust the SSL cert or we simply just delete their accounts and recreate them from scratch. Same happens with iChat. By design when you auth your Mac against the server, the server auto configs the security and client apps, i.e. mail, ichat, directory, VPN, ical. But iCal has consistently failed setup across 5 server builds and 10 clients. What will happen is when you go to prefs in ichat you see your account but it can't auth you and doesn't show up in ical for your personal server calendar. If you manually remove your user account and re-add it works great. But next time you go to ichat, once again you have to recreate. And I can recreate this all day long. But at the demo it worked like magic. So that is problem number two, SSL and single sign-on does not really work and app auto-config does not work at all.
  3. Apple Airport Extreme 802.11N. - As a test and per Apple's recommendation for SMB clients we picked up a new Airport. We patched it and setup user/pass info and setup DHCP on the device for so if server fails we have internet. And during server setup it logged into Airport and tried to configure settings. We were on the net and all was good after server setup. However with VPN enabled per user in Standard mode on server we have only been able to gain VPN access for clients if they are actually inside the network. I have spent about 10 hours back and forth with Apple Support trying to get VPN to work outside. The Manual setup of new Airport Port-Mapping is simple but crude. It does not seem to work. And there is a default hosts setting which should translate to an open DMZ but does not. So that is third on my list, running a MacMini with 2gig's of RAM which is within SPEC for Leopard Server and using the Apple Recommended solution of an Airport Extreme N does not work for s&*% and I would be very surprised if anyone here has gotten that to work.
  4. E-Mail Services - As stated prior Leopards auto app setup utility does not work for crap unless by some magic there are other steps besides the ones outlined and printed with the purchase of server. But the main thing about mail is that we are missing the basics. I mean your going to be hard pressed to find ANY e-mail application on the market today, Notes, Exchange, Gmail, Hotmail, Yahoo, iMail or other that does not include basic vacation/out of the office message replies. This is a huge issue for any small business or for that matter any size business that wants to automate things when they are out and I think this is one of my small peeves but certainly worth a listing here.
  5. VPN - We have tried like **** to get the VPN to work thru the Airport as previously noted but we have also connected MacPro with 2 nics, one for net and one for LAN and not been able to connect to the server from outside our network. Here is my largest frustration, we currently run SBS2003 from MSFT and they run flawlessly. I have literally sat with clients in their office during a new setup for SBS and in 3-4 hours we were up and running with minimal system level changes from the guided path. And for Apple to advertise this in the manual and all online materials as being SMB friendly is a complete slap in the face. Now don't confuse my above descriptions of problems we have seen across 5 Leopard builds as being a rant because it's not but seriously I am a network engineer with 10 years in the field working with 20+ product ranges and in our office we only use Mac because of stability and uptime. But OS X 10.5 is not Small Business Friendly at all even with the half hearted attempt at the new System Admin console for SMB users. However that being said I will still push on and try to get all these little bugs worked out and what I would really like to see is some feedback on my issues and I would love to know if anyone else has had similar issues. I really had hoped that 10.5 could help my firm finally push the proper solution (Mac OS X) for our SMB clients but it just isn't there yet.
  Cheers,
  DM

  Thanks for the quick read and response. Do you feel the issue might lie with the fact that it is a Mac Mini? And possibly just not powerful enough to run Leopard Server? I have to say in our trials with MacPro it was like night and day as to how they performed. And if you could elaborate on this "Many VPNs don't play well with NAT so your VPN server should have a direct connection to the public network (preferably firewalled, of course, but not NATted)." Most every SoHo and for that matter uses simple NAT translation for security even our multi thousand dollar Cisco PIX and ASA's are basic NAT devices to start with. How would you put the VPN on public net while keeping the attack surface low for the rest of the services like file, web, mail and print?
  Don't get me wrong I want this to work more than you can imagine. We are so tired of supporting MSFT technologies that cost thousands a year in antivirus, antispyware, antispam and other malware protection for the enterprise. We know that Leopard has great potential but for an integrator, getting this system up and functional is not an easy task. And the worst part of it is every time we have called for support the tech always lets out a sigh when they hear we have run standard setup because they are not allowed to walk us thru the server console to make repairs. And have been told by 3 techs so far that this is a new product and the support avenues are not there for standard since it just supposed to work out of the box. But when it doesn't then ohh well. Which is sorta sad...
  DM

• Lion Server setup & Time Capsule

  Greetings,
  I am new to lion server so please bear with me. Some of my question me seem dumb to some of you. But to me the only dumb question is one not asked. So please bear with me.
  Server and time capsule will both do NAT, DHCP. Which should I use for the network Server or Time Capsule. I am connecting with a Brighthouse cable modem with a Dynamic IP. I have the Time Capsule in Bridge Mode with a static IP 192.168.0.6. The server is Static with 192.168.0.5. Brighthouse wireless is disabled as I like the time capsule wireless. Time capsule is providing WI-FI. Brighthouse router/Modem provides the Router at 192.168.0.1.
  I have a domain name abc.net. Should I set up lion server first and then set up Time Capsule after it is working? Do I set this up as a .local, .private or .net account during server setup? I want to be able to get to my computer from my domain name and handle my mail.
  I set this up once and it worked for about 2 hours. After that it would never see my computer. So I am setting up server again but wanted to see if I could get a little first time guidence this time. I also signed up with DYNDNS for DNS updating and that just seemed to throw a whole new batch of problems in.
  So any help would be great... Not dumb with computers, but new to apple servers. And I don't do geek well!!
  I think all the IP numbers, what I need to change on Netfirms to get to my computer get me confused in the setup.
  Thanks

  Server and time capsule will both do NAT, DHCP
  Sure.
  Which should I use for the network Server or Time Capsule
  Why do you think you need to use either of them?
  Ideally, you should have ONE device on your network running NAT, and ONE device running DHCP.
  From your description it sounds like your Brighthouse router is running NAT therefore there is no need to run NAT anywhere else.
  The chances are that the Brighthouse router is also running a DHCP server for your LAN, therefore there is also no need to run DHCP off the Time Capsule or the Server. You've already got those bases covered.
  So, at least without more information, I'd be inclined to say: neither.
  Should I set up lion server first and then set up Time Capsule after it is working?
  Probably. It depends on what your plans are for the Time Capsule. If you're using the TC as a wireless base station then it doesn't need to be running until you're ready to connect wireless clients.
  If you're using the TC for backup, you don't need it until your server and/or clients are setup and ready to backup.
  Since the TC is not (as per the above) running either NAT or DHCP, there's not much else to do with it.
  So focus on the server.
  Do I set this up as a .local, .private or .net account during server setup?
  That's entirely up to you, although there are a couple of options. First off, though, realize that there is no, zip, nada connection between the hostname you use on your internal LAN and any public domain. It's 100% valid for your server to be called foo.bar while serving web content for abc.net and getting email for xzy.com, all at the same time.
  Personally, I tend to set them the same (e.g. abc.net in this case), but others will recommend a different approach. It's largely personal preference.
  I want to be able to get to my computer from my domain name and handle my mail.
  If you're talking about getting to your computer/mail from an external locale, that's 100% down to DNS and completely independent of what the server thinks its own name is.