I need help understanding workplace network so I can shut off an old Windows server

because · Sep 3, 2015

I need help sorting out and simplifying my workplace’s network so that we can shut down an old and dying server that is causing problems.

I work in a very small office environment (six people) that, six or eight years ago, used to be several dozen people. Once serving a large construction company, today this office building, which we will be getting rid of, is minimally used. But the large IT infrastructure remains. My boss wants the servers shut off because they are dying and frequently cause problems.

We have a Charter business line come into the building and into an SMC modem. The modem then goes out the LAN1 port and into port 6 on an Endian device.

The Endian goes out via port 1 and into the wall, probably to a switch on other side of building.

In this same room but via another jack, ethernet comes in and goes into port 7 on a Dell PowerConnect 2808, on which the "managed" light is off.

So...at this point we effectively we have the following: Outside world > Modem > Endian > Computers

This PowerConnect 2808 goes to following:
• Port 1 goes to a Dell PowerEdge 2970, which no longer serves any purpose and can be unplugged without impacting anything.
• Port 2 goes to a Linksys WRT54G2 V1 wireless router, which provides Wi-Fi to the rear part of the building and is probably in bridged mode so as to not serve DHCP.
• Port 3 goes also goes to the Dell PowerEdge 2970. Again, this can be unplugged without any negative impact.
• Ports 4 and 5 are not in use
• Port 6 goes to primary server, Poweredge R310, which, to my knowledge, primarily serves the purpose of Active Directory, used to be file server and Exchange server.
• Port 7, as initially noted, is the in from an ethernet cable coming out of another port on the wall.
• Port 8 is not in use

All I want to accomplish is shutting the servers off, but the problem is that shutting off the PowerEdge R310 results in a loss of internet (not network) connectivity across the board. Nobody here uses Active Directory (they all have local user accounts), and the Exchange server is no longer in use. Other than obviously providing some sort of networking function, this server does nothing for us except cause problems.

jsmithepa · Sep 3, 2015

Maybe the PowerEdge is doing DHCP and/or DNS?

ss202sl · Sep 3, 2015

DNS going out wouldn't remove internet access immediately(machines would rely on local DNS cache). It may lose ability to go to site you hadn't gone to in a while, but anything you had been to earlier that day should work(for a while). DHCP has nothing to do with internet. If your machines are still working on the network(they can talk to other local devices), then its not a DHCP issue.

Most likely the server is providing some sort of internet access or proxy service. You may be able to see if your browser is set to use a proxy service hosted on this server.

boosted1g · Sep 3, 2015

Without seeing the complete picture an without knowing how things are configured it is possible to say for sure.

The powerconnect switch is a managed switch which has specific configurations.
The Endian is a firewall appliance.

We don't know at this point what is providing DHCP and DNS for your office.
Since there is 2 connections to the 2970 then I am wondering if that is what is providing DHCP and DNS for you. You can type ipconfig to see what the gateway is and see what devices IP address it pulls up.

To truly do this right you need to hire an IT pro to re-set this up.
The other issue is that I am guessing those old servers are running server 2003 which is no longer supported and with no exploit patches is open door to any hackers.
Because of your diminished need of infrastructure and lack of IT staff in case it breaks you should have a simpler setup without the managed switch, and as few of servers as possible. You can have one server running active directory, dhcp, and dns (and I am hopping your current server is providing a backup unless all your work is in the cloud already. Once this is setup you can get rid of the managed switch and just get a 8 or 16 port unmanaged one(or have IT guy strip away all restrictions on the powerconnect)

As stated by previous poster, your PC will still work for the short term without the DHCP and DNS server (so if that is what is the 2970 is doing). And since you don't truly know what its function was, you cant really say for sure it does not effect anything. That server could even be your backups.

because · Dec 17, 2015

I am returning to this...three months later. There are a lot of projects going on, so this has been of low priority.

boosted1g, I ran ipconfig and found that the default gateway is the IP Endian router. Furthermore, upon logging into the Endian, the networking configuration for the "RED: untrusted, internet connection (WAN)" is set to "ETHERNET (STATIC)," which leads me to believe that, yes, the R310 server is providing DHCP. Should I again reconfigure the wires and change it to "ETHERNET DHCP," or would that not work?

Also, our work is in the cloud, and we do not use Active Directory. The OS on the server is Windows SBS 2011.

Urumiko · Dec 17, 2015

It sounds like the server is functioning as a proxy or firewall of some kind. I'd just unplug it. Flatten the network, and set up a new DHCP server on any capable device.

boosted1g · Dec 17, 2015

EDITED:

The R310 could be a number of different roles.

You stated in your list that it is for Active Directory, and then latter you say no user is using Active Directory.
Have you verified that the local machines are NOT on a domain?? You can go to Control Panel and System and then see if it shows the PC as being on a domain.

While at a local PC go to command prompt and run ipconfig -all. If the default gateway, dhcp server, AND dns server IP address is the address of the Endian then you should be good, but I am willing to bet that at least on of those IPs is that of your 310 server.

It is also possible that is functioning as a Proxy Server as Urumiko suggested.

As far as STATIC on the Endian; That is on the WAN interface thus it has nothing to do with your local LAN. That is the settings your local ISP requires for a connection to their systems. The WAN interface being STATIC has no influence over the addressing of your internal LAN network.

So to recap what you need to do is first and foremost verify that your local PCs are NOT on a domain, and that they are getting DHCP and DNS from the same IP as your Endian device. If not then that is the role that the Dell 310 is doing and thus preventing internet access once disconnected.

because · Dec 18, 2015

boosted1g :

Correct, no local machine is on the domain. They are all local user accounts. We only have a few people here, so, as I understand it, everything was switched to local user accounts to remove dependency from the server.

Running Ipconfig shows that the Default Gateway is the IP of the Endian, but the IP address for both DHCP and DNS is that of the R310 server.

This morning I tried plugging the modem directly into a Linksys router (default settings) and then a machine into one of the LAN ports on the Linksys (so the Linksys would, presumably, serve DHCP), but that didn't work, either, not even after unplugging the devices for a couple minutes. I'm really confused right now as to why this didn't work. I tried the LAN port, first, but I also tried the internet in port after that didn't work...

boosted1g · Dec 19, 2015

Rookie error is assuming that the person who is giving you information is correct and knows what they are talking about. Unless they setup everything years ago or they have superior knowledge to you then you should always verify things. In a small office where everyone has thier own PC and no one jumps around they can easily have a domain and no-one even knows it is there.
So do as I said and go to the local machines and see if lists a domain in the system settings under control panel.

If the system is in fact NOT on a domain then you could disconnect the r310 server, go to each machine and remove the nic card from device manager and let the PC find and reinstall the card/driver. This will reset the connection and will reset it to static.

Now the dell switches can have a DHCP relay configured into them, thus it is telling the PCs to get DHCP from the R310 and not your Router device.

As we have already mentioned the truley best way to make sure you have all the bases covered is to simplifiy.

Reset the router/firewall device to factory setting and make sure dhcp is enabled, ditch the managed switch for a simple unmanaged switch and reinstall the nic cards for all local machines as listed earlier and that will for sure have everything up and running again.

because · Dec 21, 2015

Thanks, but I verified myself that all computers were off the domain several weeks ago. What I was noting was that I think the reason they were removed from the domain originally is because of the minimal number of computers combined with the issues with the server. I have also verified myself that AD is still running on the server...we just don't connect to it for anything other than file sharing.

Another issue here is that half the stuff isn't documented, so, for example, we can't log in to either switch's management interface, nor can we log into the modem's management interface. We can, however, manage the server and the Endian.

boosted1g · Dec 21, 2015

I see.

Simplifying to what you know is the best route here.
At minimum I would ditch the managed switch for a non-managed switch, I would also advise just ditching the Endian since a modern medium end router with SPI will be better at modern threats then a decade old firewall. An ASUS RT68U would be a good fit would dual core CPU, that will also allow you to ditch that very aged out wrt54g router.

Search

I need help understanding workplace network so I can shut off an old Windows server

because

Reputable

jsmithepa

Polypheme

ss202sl

Glorious

boosted1g

Titan

because

Reputable

Urumiko

Distinguished

boosted1g

Titan

because

Reputable

boosted1g

Titan

because

Reputable

boosted1g

Titan

TRENDING THREADS

Latest posts

Moderators online

Share this page