0

We currently have a SBS 2003 with 2 NICs - one LAN side, one WAN. The SBS has an ISA Firewall. We are replacing this server with new hardware and SBS 2011, in the near future.

As part of this change, I am putting in a Fortigate firewall. I would like to have this in place before the change of server. The firewall will replace the SBS as the gateway.

In simplistic terms: once the Fortigate is set up on the LAN, does anyone see any problems if I simply disable the ISA firewall, and point everything (including the SBS) to the new gateway?

Could the 'public' NIC on the SBS 2003 be utilised in any other way in the short term (perhaps some form of load balancing), or should I just disable it?

Thanks

iWeasel
  • 161
  • 8

1 Answers1

3

You can do this without issues.

With SBS 2003 the clients still need to have the SBS 2003 machine as their DNS server, (I find it best to be the DCHP server too). The new FW can be the default gateway for the clients.

The unused NIC probably won't be effective for load balancing unless you have enterprise level switching gear (and it is unlikely that the NIC is a bottleneck anyway--is it a gigabit NIC? Gigabit switch? )

However, you could, depending on the NICs respective capabilities, use it in a teamed configuration to get at least failover capability. Generally for this you need server grade NICs of the same type, same driver versions, etc is recommended. HP servers with multiple NICs come with a utility to set up teaming. Be sure to get the latest drivers.

will
  • 46
  • 1
  • 1
    you'll likely need to remove any routing setup in Routing and Remote Access (careful not to remove PPTP/VPN settings if they exist). – gravyface Dec 29 '11 at 15:21
  • @gravyface thanks for the nod on the RRAS :D / 'will' - plan to keep DNS the same, and interesting comment on the NIC failover. Thanks – iWeasel Dec 29 '11 at 15:47