Dazed and confused - Xserve setup

jlampitt

Registered
For the past week, I've been going through Xserve set up senario's and need some advice.

I currently have our Xserve set up as the gateway but through several "learning experiences" this week, I really don't want to use that configuration anymore. Biggest reason being if I do anything with the Xserve that requires me to shut down the server or restart, everyone looses their connection.

Not good.

I need to be able to set up VPN, FTP and Web services but the thing I can't get past is how to do that if the Xserve isn't the gateway.

It's been suggested to me that I feed everything from the DSL modem/router through a switch and allow the modem/router to run NAT, static routing and port forwarding services for outside requests to the server.

That makes some sense, but after reviewing several network scenario's I don't see how I can run VPN without the server as the gateway.

Also, these questions float through my mind...

The DSL modem as a static, public IP address. Even if I stick with using my Xserve, how the heck do I assign the same public IP address to the EN1 interface?

What am I missing here?
 
You shouldn't set it as the same IP as the modem, since you have routing and fowarding, you should choose a diff IP. Just have all the data forward and route to that IP address. Next, have all the users connect to that IP address to connect to what they need. But if you had another network card, this would probably work a lot better. - Wouldn't you already have a VPN since you're already routing the data?
 
Sooooo.... I think what your talking about here is static routing for all incoming traffic to the Xserve.

Yes?

I don't really understand what you mean by, "if you had another network care, this would probably work a lot better." The Xserve has two ethernet interfaces which I was using in the gateway configuration.

I suppose the VPN would work if I'm routing all incoming traffic to the server. I suppose the next question in that configuration is NAT. Would i have to keep NAT enabled on my DSL modem/router or should I turn it off?

I really think I'm overthinking this whole process but thus far I haven't had a straight answer from anyone.

Surely there are others out there using an ADSL modem/router with an Xserve sitting behind it with VPN, FTP and other remote services enabled.

JL
 
jlampitt said:
Sooooo.... I think what your talking about here is static routing for all incoming traffic to the Xserve.

Yes?

I don't really understand what you mean by, "if you had another network care, this would probably work a lot better." The Xserve has two ethernet interfaces which I was using in the gateway configuration.

I suppose the VPN would work if I'm routing all incoming traffic to the server. I suppose the next question in that configuration is NAT. Would i have to keep NAT enabled on my DSL modem/router or should I turn it off?

I really think I'm overthinking this whole process but thus far I haven't had a straight answer from anyone.

Surely there are others out there using an ADSL modem/router with an Xserve sitting behind it with VPN, FTP and other remote services enabled.

JL

I am going to guess what you really want here.

I may have something similar (Time Warner cable modem instead of DSL).

I have my cable modem with a public address connected to en1. I have my internal LAN connected to en0.

en1 on the XServe has a public IP address (different from the cable modem, or DSL modem in your case). You should have received from your DSL company Public IP range to use. Your DSL modem will receive an IP address from your DSL provider.

Make sure you have en1 listed first in your Network configuration or things won't work very well (if at all).

For the inside LAN, use NAT and a private address range. If you will have less than 200 devices, you can use 192.168.1.x subnet 255.255.255.0

You would assign en0 with one of the private IPs (eg. 192.168.1.10). That IP address would also go as the Gateway address and if you want to use your XServe as the DNS server, it would also go as the DNS address as well (on both en0 and en1). You would also put public DNS servers as secondary DNS entries on en1 (the public interface).

You will need to have firewall turned on. To begin, I would set "any" to accept all packets, that way Firewall won't prevent anything from happening and make configuring frustrating.

You don't configure your DLS modem for anything. It should just get a static IP address, and the rest is done by the XServe.

Your XServe is then also the DHCP server (issuing the 192.168.1.x addresses).
 
Back
Top