
Redoing my network...


33 replies to this topic

#1 riahc3

riahc3

    Neowin's most indecisive member

  • Tech Issues Solved: 11
  • Joined: 09-April 03
  • Location: Spain
  • OS: Windows 7
  • Phone: HTC Desire Z

Posted 28 January 2014 - 11:45

Hello,

Well, I bit the bullet and got the microserver. Now it is time to plan before deploying:

I have this (excuse the crude Paint drawings):

network.png

That R is the router and is 802.11n. The AP/Switch I believe is also 802.11n and extends my wireless network (on different channels but both broadcasting the same SSID). Both run DD-WRT. Laptop1 is 802.11n. This can be done differently so I'm willing to reconfigure it a bit. The TV is 802.11g, the Blu-Ray is 802.11n, and the laptop2 is 802.11g.

Two cells are 802.11n, one is 802.11g

Here is what I'm thinking my new network is gonna look like:


newnetwork.png

Noting that the Microserver has 2 LAN ports, one will be connected to my ADSL modem. The other will be everything else (DHCP/DNS/AD/NAS/etc). The router will turn into an AP giving everything on that level 802.11n and the rest will basically stay the same.

That's part one. The "problem" I mostly see is the wireless networks. While I'm on this, I wanna "fix" any issues I might have with them currently. I know the Blu-Ray connects at 802.11n because of the status screen (and because it is incredibly able to stream HD content from my PC to the Blu-Ray). Obviously the TV doesn't really NEED wireless access but some people in my house are lazy and use it as a web browser :laugh:

Later, we will get to configuring pfSense and I guess I'll leave the WS2012R2 box for last (supposing I get ESXi working before)

I have questions about AD because local users are gonna turn into domain users and I'm not really sure how to handle that with their files and settings etc. Ideally I would like them NOT to notice ANY changes but I imagine this is very difficult to do.

I imagine this is gonna be a long thread so thank you beforehand to everyone that participates and has to put up with my limited and stupid knowledge. I apologize beforehand for my idiotic questions.

Thank you.


#2 +BudMan

BudMan

    Neowinian Senior

  • Tech Issues Solved: 106
  • Joined: 04-July 02
  • Location: Schaumburg, IL
  • OS: Win7, Vista, 2k3, 2k8, XP, Linux, FreeBSD, OSX, etc. etc.

Posted 28 January 2014 - 13:06

Ok for starters -- you have a copy of 2k12 server that you can use to run your domain in production. But you don't have Visio ;)

Here use this then for your next and future drawings. http://www.gliffy.com/ FREE!!

Back to a domain? Why, what use do you have in a home setting? You're complicating it way too much! If you want to run 2k12 as domain sure, use another vm as its member to play.

There is no reason to run it as your production network and have your machines login into the domain for day to day access. There just isn't.

I have worked with windows domains, since before they were -- windows for workgroups 3.11, NT 3.51, NT 4, 2k, 2k3, 2k8, etc.. You think I have my pc or my wife's laptop, or any actual use box login to a domain? Why??

Now I do have a VM domain I can fire up if I need to validate or test something... But it really has little use in a home setup and is only going to bring you added headaches, especially if you have never actually used it.

#3 OP riahc3


Posted 28 January 2014 - 13:39

Hello,

> Ok for starters -- you have a copy of 2k12 server that you can use to run your domain in production. But you don't have Visio ;)
>
> Here use this then for your next and future drawings. http://www.gliffy.com/ FREE!!

I'm a fan of creately.com :) Nice diagrams.

> Back to a domain? Why, what use do you have in a home setting? You're complicating it way too much! If you want to run 2k12 as domain sure, use another vm as its member to play.
>
> There is no reason to run it as your production network and have your machines login into the domain for day to day access. There just isn't.

One of the reasons is just because people in my house install too much crap on their PC. Allowing them to install A, B, etc. could be done with a domain (yeah, I could make them normal users and me admin on there but where is the fun in that :p )

> I have worked with windows domains, since before they were -- windows for workgroups 3.11, NT 3.51, NT 4, 2k, 2k3, 2k8, etc.. You think I have my pc or my wife's laptop, or any actual use box login to a domain? Why??

I saw them in 2k :laugh: just to see the experience difference...

> Now I do have a VM domain I can fire up if I need to validate or test something... But it really has little use in a home setup and is only going to bring you added headaches, especially if you have never actually used it.

Well, I could always undomain everything, right?

It doesn't have use in my home (much less the number of users) but it is a fun experiment :)

#4 +BudMan


Posted 28 January 2014 - 14:00

People installing crap is quite easy to FIX - Tell them to stop it, if you have a question if they should install something - ask. There you go problem solved ;)

Make them normal user, set password on admin account and set UAC to require password to elevate. None of which requires an AD.. What are you going to use the AD for other than setting a couple of settings via GP? Set the GP local if you want to play.

Here is a question that has not come up from what I recall - what OS are the other machines running, home versions of Windows cannot even join a domain.

It's great FUN, do it in a VM and play all you want with another VM as client.. You're going to over complicate it, if after you have played and experimented with it for a while you feel that hey I want my real machines to be part of the AD, then join them then.

Keep in mind if you join machines to domain that their DHCP and DNS should be the AD, not your router (pfsense).

Do what you want, happy to answer questions about AD until the cows come home - but I just do not see its place in a home setup, even for experiment for other users. Hey if you want to put your machine in go for it.. Cuz I tell you what's going to happen - something is going to not work exactly how you think it should, or you will make a configuration thing that is not right and now the users of your PCs that are member of the domain are going to have an issue.
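
The local, no-domain setup suggested in the post above (standard users, a password-protected admin account, UAC prompting for credentials), sketched as an added PowerShell example that is not part of the original thread. The account names `HomeAdmin`, `UserB` and `UserC` are hypothetical placeholders.

```powershell
# Added example: least privilege on a standalone Windows PC, no domain needed.
# Run from an elevated PowerShell prompt. Account names below are hypothetical.
$AdminAccount  = 'HomeAdmin'          # hypothetical: the one password-protected admin
$StandardUsers = @('UserB', 'UserC')  # hypothetical: day-to-day accounts

$id = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($id)
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Run this from an elevated prompt.'
}

# Resolve group names from well-known SIDs so this also works on localized
# Windows (for example "Administradores" on a Spanish install).
function Get-GroupName([string]$Sid) {
    $sidObj = New-Object Security.Principal.SecurityIdentifier($Sid)
    $sidObj.Translate([Security.Principal.NTAccount]).Value.Split('\')[-1]
}
$AdminsGroup = Get-GroupName 'S-1-5-32-544'   # BUILTIN\Administrators
$UsersGroup  = Get-GroupName 'S-1-5-32-545'   # BUILTIN\Users

# 1. Set a password on the admin account (net.exe prompts for it interactively).
& net.exe user $AdminAccount *

# 2. Demote everyday accounts to standard users; never touch the admin account.
#    net.exe reports an error if an account is already in the desired state.
foreach ($u in $StandardUsers) {
    if ($u -eq $AdminAccount) { continue }
    & net.exe localgroup $UsersGroup $u /add
    & net.exe localgroup $AdminsGroup $u /delete
}

# 3. Make UAC ask for admin credentials on the secure desktop.
#    A change to EnableLUA only takes effect after a reboot.
$key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$uac = @{
    EnableLUA                  = 1   # UAC switched on
    ConsentPromptBehaviorUser  = 1   # standard users: credential prompt, secure desktop
    ConsentPromptBehaviorAdmin = 1   # admins: credential prompt, secure desktop
    PromptOnSecureDesktop      = 1
}
foreach ($name in $uac.Keys) {
    New-ItemProperty -Path $key -Name $name -Value $uac[$name] `
        -PropertyType DWord -Force | Out-Null
}

# 4. Audit the result: who is still an administrator, and what UAC is set to.
& net.exe localgroup $AdminsGroup
Get-ItemProperty -Path $key |
    Select-Object EnableLUA, ConsentPromptBehaviorUser,
                  ConsentPromptBehaviorAdmin, PromptOnSecureDesktop
```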

#5 OP riahc3


Posted 28 January 2014 - 16:18

Hello,

> People installing crap is quite easy to FIX - Tell them to stop it, if you have a question if they should install something - ask. There you go problem solved ;)
>
> Make them normal user, set password on admin account and set UAC to require password to elevate. None of which requires an AD.. What are you going to use the AD for other than setting a couple of settings via GP? Set the GP local if you want to play.

The problem is that since this is not work related, people can tell me to F off basically...

My wish would be to be able to "push" programs; install them from the WS2012R2. I'm not even sure if this is possible :) but the users would tell me "Hey I want Word" and I would be able to install Word remotely.

> Here is a question that has not come up from what I recall - what OS are the other machines running, home versions of Windows cannot even join a domain.

Yup :) Checked this out. All machines are able to join a domain :)

> It's great FUN, do it in a VM and play all you want with another VM as client.. You're going to over complicate it, if after you have played and experimented with it for a while you feel that hey I want my real machines to be part of the AD, then join them then.

I do feel that I (my PC and/or laptop) should be the first one to join the AD and test it out and play with it. The problem is that being obviously admin, I wouldn't have many problems.

Now that I say that, question: There should be a domain admin and a computer(s) admin right? Example: UserA should be domain admin, UserB should be admin of all computers in the domain, and UserC should only be admin of his own computer. Correct?

> Keep in mind if you join machines to domain that their DHCP and DNS should be the AD, not your router (pfsense).

That is a touchy subject which I imagine I'll get into when I start with pfSense...

pfSense should be my gateway and WS2012R2 should point to it as gateway to pass to all other clients when DNSing/DHCPing right?

> Do what you want, happy to answer questions about AD until the cows come home -

Never heard that one.

> but I just do not see its place in a home setup, even for experiment for other users. Hey if you want to put your machine in go for it.. Cuz I tell you what's going to happen - something is going to not work exactly how you think it should, or you will make a configuration thing that is not right and now the users of your PCs that are member of the domain are going to have an issue.

I agree that I should first test it out on my physical machine. Then, when I think I'm ready, I should deploy it to the rest.

I also feel that by doing this, after a few months in my home, I should be able to somewhat admin my work domain a bit better. I have no idea of some things but I think this would be a good practice exercise. But before all that pfSense...


pfSense looks pretty straightforward and I've been reading some simple tutorials. I do have questions about my other two APs: How exactly do I set them up?

This is my router's wireless settings right now:

router.png

I can't access the other one right now because it's on a 192.168.2.x network so...

Other settings:

moresettings.png

Here there are a bunch of things wrong or that need to be changed.

First thing is that the connection is set to PPPoE when as soon as I change to pfSense I need to be.....? This AP is NOT going to be my DHCP server but I need to be able to pass out addresses to wireless clients from the WS2012R2...

Later, that gateway: I have NO idea why it is 192.168.2.1. I imagine that 192.168.2.1 is the other AP but why is the router pointing to THAT as its gateway? Must be some tutorial I watched....

Later I see I can change that to a DHCP forward which looks good for what this AP is going to do.

Obviously I left no-ip as the address because I need pfSense to do DDNS. BTW, some of these things are obvious but Neowin is making me a good "to-do" list if I forget...

#6 OP riahc3


Posted 29 January 2014 - 08:22

Hello,

I wasn't able to find the server appliance again (I downloaded it at work and now want it at home) but I was able to get the one we downloaded in the first place so....it will have to do.

The microserver should arrive tomorrow (in theory) so...

#7 +BudMan


Posted 29 January 2014 - 13:20

You mean the vcenter appliance -- why do you need that? I would think you would go with 5 or 5.1 after all the talk of management of 5.5?

And even if you go with 5.5 vcenter really brings nothing to the table in a home setup.

As to your APs -- why do they even need gateways? For what reason does the AP actually have to get off your network.. Why would it need to phone home for example? If you want to point to an NTP server, point to one inside your network - esxi provides an NTP server, pfsense can be an NTP server, etc. Unless you need to get off the network in the AP web gui or ssh'd to it they have no need of a gateway. But yes anything that needs a gateway should point to pfsense LAN IP when you get it set up.

As to when the cows come home - it's a bit dated, remember I have a generation on you ;)
http://idioms.thefre... cows come home

#8 OP riahc3


Posted 29 January 2014 - 16:32

Hello,

> You mean the vcenter appliance -- why do you need that? I would think you would go with 5 or 5.1 after all the talk of management of 5.5?

Yup. Well, I could manage it with Workstation but I still want the (free) appliance to learn from it.

> As to your APs -- why do they even need gateways? For what reason does the AP actually have to get off your network.. Why would it need to phone home for example? If you want to point to an NTP server, point to one inside your network - esxi provides an NTP server, pfsense can be an NTP server, etc. Unless you need to get off the network in the AP web gui or ssh'd to it they have no need of a gateway. But yes anything that needs a gateway should point to pfsense LAN IP when you get it set up.

I believe they are configured like this to extend the range of the same wireless network instead of having two. It's something I read in a DD-WRT tutorial. Might be outdated.

If I understood you correctly, the APs should then be:

AP
IP: 192.168.1.6 (AP1) / 192.168.1.7 (AP2)
Sub: 255.255.255.0
GW: Blank, 0.0.0.0 or 192.168.1.1 (which is the LAN IP SIDE of pfSense)

Correct?

Good news: The gen 8 arrived today.
Bad news: The 8GBs didn't.

I'm gonna go ahead and start with the pfSense setup today. ESXi is going on a USB 2.0 2GB flash drive. As for pfSense....does it apply like Workstation? I have a 1TB and select what I want to use of it for the VM?

#9 +BudMan


Posted 29 January 2014 - 18:28

Yes your AP gateway would be blank or point to pfsense.

As to pfsense and 1TB?? You're nuts, it needs at most a few GB for disk space ;) What do you think it would do with 1TB of disk?

As to the vcenter appliance

http://kb.vmware.com...ernalId=2007619
Downloading and deploying the vCenter Server Appliance 5.x (2007619)

pfsensedisk.png

I gave pfsense vm 4GB disk.. It's not even touching that..

[2.1-RELEASE][root@pfsense.local.lan]/root(2): df -h
Filesystem     Size    Used   Avail Capacity  Mounted on
/dev/da0s1a    2.9G    597M    2.1G    22%    /
devfs          1.0k    1.0k      0B   100%    /dev
/dev/md0       3.6M     60k    3.3M     2%    /var/run
devfs          1.0k    1.0k      0B   100%    /var/dhcpd/dev

#10 OP riahc3


Posted 29 January 2014 - 22:19

Hello,

> As to pfsense and 1TB?? You're nuts, it needs at most a few GB for disk space ;)

NO! NO! :laugh: :rofl: I'm crazy but not that crazy.

In Workstation, you have your OS installed on a 1TB HDD. When making a VM, you make a disk in Workstation (of for example 20GB). What I meant is if this is the same way: Do I make a disk of say 4GB (like you, and it seems like overkill) and that's it? Or do I have to manually partition?

> As to the vcenter appliance
>
> http://kb.vmware.com...ernalId=2007619
> Downloading and deploying the vCenter Server Appliance 5.x (2007619)

I feel like a moron because I end up here (following the instructions): https://my.vmware.co...d=353&rPId=5008 it asks me to register, I do, then it says I can't download it ???

> pfsensedisk.png
>
> I gave pfsense vm 4GB disk.. It's not even touching that..
>
> [2.1-RELEASE][root@pfsense.local.lan]/root(2): df -h
> Filesystem     Size    Used   Avail Capacity  Mounted on
> /dev/da0s1a    2.9G    597M    2.1G    22%    /
> devfs          1.0k    1.0k      0B   100%    /dev
> /dev/md0       3.6M     60k    3.3M     2%    /var/run
> devfs          1.0k    1.0k      0B   100%    /var/dhcpd/dev

:laugh: That 1TB thing to pfSense was a misunderstanding, sorry.

BTW, Neowin, after I get pfSense up and running I'll probably post a user review since the guy that won his Gen8 hasn't really said anything about it here and didn't post a user review. I'll try to add as much as I can and also compare it to the Neowin review :)

For now, I'm really feeling iLO 4; Remember that this is very new to me so I may be easily impressed but it looks nice to manage it. The only "but" I'm putting for now is that the fan is pretty loud, even from first boot and now at idle, sitting there saying it cannot find anything to boot off.

It's obvious I have to dedicate my weekend to this box as I don't have time. I'll probably get through the ropes today and tomorrow; As in I've only found the web console for iLO; Haven't found the Windows console yet (if there is one)

#11 OP riahc3


Posted 30 January 2014 - 06:43

Hello,

Another "but", except this really isn't the server's fault, is that the warranty is set to expire November of this year :( That's just where I bought it from I guess. Also, the serial number SEEMS to be specified to a Pentium, not a Celeron processor. Just little its and bits.

Been powered on all night idle. In 11-12 hours, let me see if I can get some time to at least install ESXi....

#12 +BudMan


Posted 30 January 2014 - 12:57

"the fan is pretty loud"

I told you about that - and linked to thread talking about it.

As to the disk in esxi, for pfsense just create a 4, could prob go 2 and yes pfsense will do everything to the disk you don't have to do anything. Do you have freebsd to partition with ;) pfsense runs off freebsd so you wouldn't create partitions and format with windows ;)

As to your download - did you get a trial license? That link downloads fine for me after I log in.

downloadappliance.png

#13 OP riahc3


Posted 31 January 2014 - 23:32

Hello

> "the fan is pretty loud"
>
> I told you about that - and linked to thread talking about it.

It's not that bad at idle; I'll have to check under load.

I have a couple of places I can tuck it away so...

It has developed a buzz from the back fan so I'm RMAing it on Monday :( Either that or a tech from HP will come by and fix it.

> As to the disk in esxi, for pfsense just create a 4, could prob go 2 and yes pfsense will do everything to the disk you don't have to do anything. Do you have freebsd to partition with ;) pfsense runs off freebsd so you wouldn't create partitions and format with windows ;)

OK :)

> As to your download - did you get a trial license? That link downloads fine for me after I log in.
>
> downloadappliance.png

For some strange reason I can't find the link :s

#14 +BudMan


Posted 01 February 2014 - 11:43

the actual download - you prob don't see it unless you have gotten a trial of esxi



#15 OP riahc3


Posted 01 February 2014 - 11:53

Hello,

> the actual download - you prob don't see it unless you have gotten a trial of esxi

Finally found it (and a firmware update for iLO)

I feel like an "I told you so" is coming :p but the fan connectors on the Gen8 are some proprietary 6-pin connector. After HP comes to fix it, I might swap it out for a lower spinning fan and forget about fan control...