This article discusses how to configure Microsoft Windows Small Business Server 2003 for Internet access. This information applies to the most common configurations that use either one network adapter or two network adapters. The article provides configuration information for TCP/IP connectivity and for name resolution for both the local network and for the Internet. Correctly configured settings provide a stable environment for your Active Directory directory service domain.

This article does not discuss e-mail configurations, Web site configurations, or firewall packet filters.

The information in this article may be useful to help troubleshoot any one of the following situations:

• Load times are slow during the "Configuring Network Connections" phase during system startup.
• Users cannot access the Internet.
• Users cannot log on to the domain.
• The Exchange server cannot send e-mail messages, receive e-mail messages, or both.
• Event ID 5775 DNS deregistration errors are generated when a domain controller cannot unregister an individual resource record.

Windows Small Business Server 2003 was designed to be configured by using the Configure E-mail and Internet Connection Wizard. This article describes some of the configurations that are set by the wizard. For most settings, use the wizard instead of manually configuring your network. However, you may have to manually configure some settings in the scenarios that are not supported by the wizard.

The Configure E-mail and Internet Connection Wizard

The Configure E-mail and Internet Connection Wizard (sometimes known as CEICW) is designed to correctly configure settings for your network, your firewall, your Web site, and your e-mail services that are used when you connect your Windows Small Business Server 2003-based computer to the Internet. You can use the Configure E-mail and Internet Connection Wizard to configure the settings that are discussed in the "Configurations" section later in this article. You can use the wizard to change from one network configuration to another. Additionally, if the network configuration of your server becomes corrupted or changed in any way, you can restore the configuration by running the Configure E-mail and Internet Connection Wizard again.

Use the Configure E-mail and Internet Connection Wizard to configure the following connection types:

• Modem
• Direct broadband
• Broadband that uses a local router device with an Internet Protocol (IP) address
• Broadband that requires a user name and a password and uses Point to Point Protocol over Ethernet (PPPoE) connections

Note Connection types other than these four may require manual configuration.

Firewall protection options

Firewalls are very important to help keep your server and network secure. There are four scenarios for configuring firewall protection with Windows Small Business Server 2003:

• Scenario 1: Use a router or a firewall hardware device, or use firewall software that is external to the server.
  
  There are many different hardware routing solutions that also provide firewall functionality. There are also varying degrees of firewall protection with these devices. Make sure that you choose a device that meets your security requirements. Many of these devices support UPnP architecture. UPnP-certified routers are supported by Windows Small Business Server 2003 and can be configured by the Configure E-mail and Internet Connection Wizard. Additionally, there is firewall software, such as Microsoft Internet Security and Acceleration Server (ISA), that can be run on a separate computer. Firewall software that is run on a separate computer or firewall hardware that is not UPnP certified must be configured manually.
• Scenario 2: Use the Routing and Remote Access Basic Firewall functionality that is included with Windows Small Business Server 2003.
  
  Routing and Remote Access Basic Firewall is used by Windows Small Business Server 2003 to offer basic firewall protection. For additional information, visit the following Microsoft Web site:
  http://technet2.microsoft.com/WindowsServer/en/library/7c9a082b-0c5c-49d1-a1a8-5bfccc0eeb5c1033.mspx?mfr=true (http://technet2.microsoft.com/WindowsServer/en/library/7c9a082b-0c5c-49d1-a1a8-5bfccc0eeb5c1033.mspx?mfr=true)
  When you run the Configure E-mail and Internet Connection Wizard, click the Enable Firewall option. The Routing and Remote Access Basic Firewall is configured and enabled if ISA is not installed and if any one of the following conditions is true:
  • You are using a dial-up connection to the Internet.
  • You are using a direct broadband connection to the Internet. (This option requires that your server has two network adapters.)
  • You are using a direct broadband connection that requires a user name and a password.
• Scenario 3: Install and then run firewall software, such as ISA, on the server.
  
  Windows Small Business Server 2003 is fully compatible with Microsoft ISA Server 2000. Running the Configure E-mail and Internet Connection Wizard makes all configurations to ISA for server connectivity. Non-Microsoft firewall software may create conflicts with server operations if the software is not configured correctly.
• Scenario 4: Use a combination of scenario 1 with either scenario 2 or scenario 3.
  
  When it is used with a UPnP-certified router, the Configure E-mail and Internet Connection Wizard can configure both the server and the router.

Internet connection types

The following list contains the six most common connection types. The table after this list contains configuration information. You can use the Configure E-mail and Internet Connection Wizard options to configure these connection types:

• Broadband - Examples of broadband connections include cable modems, DSL, or any variant of T1.
• Modem - This type can be either plain old telephone service (POTS) that you connect to by using a modem, or it can be Integrated Services Digital Network (ISDN) that you connect to by using a terminal. The modem or terminal must be connected to the server through a Common Object File Format (COM) port or through a hardware card that is installed in the server.
  
  If you connect to POTS or ISDN by using a network router, treat that connection as a broadband connection.
• Router - A device that maintains its own IP address. (It may or may not offer firewall protection.) If you have a router that supports UPnP, the Configure E-mail and Internet Connection Wizard can configure it for you. However, you can always choose to manually configure your router.
• PPPoE - Point to Point Protocol over Ethernet. This protocol is used when your Internet service provider (ISP) requires a logon account and a password for the connection. If want to use a router, verify that the router provides PPPoE credentials to your ISP, and then treat your connection as a local router device with an IP address.
  
  Note PPPoE does not work through a router.
• Network adapters - This is the number of network adapters on the server that will be connected to the Internet and to the local area network. A two-network-adapter configuration connects one adapter to the local area network and connects the other to the Internet. A one-network adapter configuration connects a single network adapter to the local area network. A router that is connected to the local area network or to a modem that is connected to a server provides connection to the Internet.
• Configure E-mail and Internet Connection Wizard Configurations - The following table lists the options that are available to help you use the Configure E-mail and Internet Connection Wizard. Numbers 1 through 9 in the Configure E-mail and Internet Connection Wizard Option column of the table refer to instructions that are listed in the Configure E-mail and Internet Connection Wizard Options section of this article. Configuration settings for the firewall packet, for Web sites, and for e-mail are not covered in this article. Complete the Configure E-mail and Internet Connection Wizard according to your business requirements.

Configurations

Internal or single network adapter configuration

These settings are for all servers. The configuration applies to a single network adapter and to the local network connection adapter in a two-network-adapter configuration.

1. Verify the Domain Name System (DNS) pointers. To do this, follow these steps:
   1. Click Start, point to Control Panel, and then click Network Connections.
   2. Right-click Server Local Area Connection, and then click Properties.
   3. Click Internet Protocol (TCP/IP), and then click Properties.
   4. Do not select the Obtain an IP address automatically or the Obtain DNS server address automatically options. The IP address for the server local area connection must be a statically assigned address. Make any changes to the static IP address or to the subnet mask on the local network connection by using the Change Server IP Address Tool.
      
      In the Internet Protocol (TCP/IP) Properties dialog box, click the Use the following IP address option. In the following boxes, type the IP address or subnet mask, as appropriate:
      • IP address Type the static private IP address for the local area connection adapter that resides in the Local Area Network (LAN). For example, type 192.168.16.2.
      • Subnet mask Type the static subnet mask for the local area connection adapter that resides in the LAN. For example, type 255.255.255.0.
      • Default gateway Leave this box blank, or type the IP address of your router (if you are using a router).
   5. Select Use the following DNS server address. In the Preferred DNS server box, type the IP address of your server's local area connection. Leave the Alternate DNS server box blank.
      
      Important Use the IP address from the server's local area connection for the preferred DNS server on the external network connection. Do not use DNS that is provided by your ISP or router, and do not click the Obtain DNS server address automatically option.
   6. Click Advanced, and then click the DNS tab.
   7. In the table under DNS server addresses, in order of use, edit the table so that it only has a single entry for the IP address of the server's local area connection.
   8. Use the default settings for the remaining DNS properties; click to select the Append parent suffixes of the primary DNS suffix check box, and then click to select the Register this connection's addresses in DNS check box.
   9. Click the WINS tab.
   10. In the table under Windows Internet Name Service (WINS) addresses, edit the table so that it only has a single entry for the IP address of the server's local area connection.
   11. Use the default settings for the remaining WINS properties: Click to select the Enable LMHOSTS lookup check box, click Enable NetBIOS over TCP/IP , click OK, and then click OK again to return to the Network Connections window.
2. Verify the DNS server configuration. To do this, follow these steps:
   1. Click Start, point to Administrative Tools, and then click DNS.
   2. Click your server's name under DNS, and then right-click Properties.
   3. On the Interfaces tab, verify that the server's local area connection IP address is listed in the Listen On: IP Address table.
   4. Click the Forwarders tab.
   5. Under Selected domain's forwarder IP address list, type the DNS server addresses that were provided by your ISP.
   6. Click to clear the Do not use recursion for this domain check box.
   7. Click Apply, and then click OK.

Second network adapter configuration

These settings are only for servers with two network adapters. It applies to the network adapter that connects to the Internet.

1. Verify the DNS pointers:
   1. Click Start, point to Control Panel, and then click Network Connections.
   2. Right-click Network Connection (for the connection to Internet), and then click Properties.
   3. In the Internet Protocol (TCP/IP) Properties dialog box, click one of the following options:
      • Obtain an IP address automatically
      • Use the following IP address If you select this option, type the IP address or subnet mask in the following boxes, as appropriate:
        • IP address Type the static IP address that is provided by your ISP or the IP address that you want to use.
        • Subnet mask Type the static subnet mask that is provided by your ISP or the subnet mask that you want to use.
        • Default gateway Type the static IP address that is provided by your ISP or the IP address that you want to use.
2. Select Use the following DNS server address. In the Preferred DNS server box, type the IP address of your server's local area connection. Leave the Alternate DNS server box blank.
   
   Important Use the IP address from the server's local area connection for the preferred DNS server on the external network connection. Do not use DNS that is provided by your ISP or router, and do not click the Obtain DNS server address automatically option.
3. Set the binding order:
   1. Open Network Connections.
   2. On the Advanced menu, click Advanced Settings.
   3. All the local area connections and remote access connections appear in the top window that is named Connections. Use the arrow keys to move connections to the following order:
      Server local area connection (local area network adapter)
      Network connection (Internet connection adapter)
      Any additional network adapters
      (Remote access connections)
   4. Click OK.
   5. Close the Network and Dial-up Connections dialog box, and then restart the server.

Configure E-mail and Internet Connection Wizard Options

Below are the beginning steps for the Configure E-mail and Internet Connection Wizard for the nine most common configurations. See the Configure E-mail and Internet Connection Wizard Options table earlier in this article for the configuration that best matches your configuration. All the steps start on the Connection Type page. To reach this page, click Next on the Configure E-mail and Internet Connection Wizard Welcome page. To start the Configure E-mail and Internet Connection Wizard, click Start, click Server Management, and do one of the following:

• In the left pane, expand To Do List. In the details pane, click Connect to Internet.
• In the left pane, expand Internet and E-mail. In the details pane, click Connect to Internet.

1. Two network adapters - direct connection to broadband
   1. On the Connection Type page, click Broadband, and then click Next.
   2. On the Broadband Connection page, under My server uses a direct broadband connection, click Next.
   3. If your network connection to the Internet is disabled, you will receive the Network Connection, You must enable and configure the network connection to your ISP page. If you do not receive this page, go to step e. On this page, under Connection name, click Network Connection.
   4. Configure IP settings according to the requirements of your ISP, and then click Next. (The network connection is now enabled.)
   5. On the Network Connection, You must click the connection for your ISP and local network page, under ISP network connection, click Network Connection.
   6. Under Local network connection, click Server Local Area Connection, and then click Next.
   7. On the Direct Broadband Connection page, next to Preferred DNS server and Alternate DNS server, type the IP addresses that are provided by your ISP. To change the Default gateway setting, type the default gateway IP address if the IP address is not provided by DHCP. Click Next.
   8. Complete the Configure E-mail and Internet Connection Wizard.
2. Two network adapters - direct connection to broadband with PPPoE
   1. On the Connection Type page, click Broadband, and then click Next.
   2. On the Broadband Connection page, under My server uses, click A connection that requires a user name and password (PPPoE), and then click Next.
   3. On the PPPoE Connection page, under PPPoE connection, click an existing connection, or create a new connection.
   4. Verify that the ISP user name and password match the information that your IPS provided. Configure the static IP address if appropriate, and then click Next. If your network connection to the Internet is disabled, the Network Connection page appears. If the page does not appear, go to step e. On the Network Connection page, configure the IP settings according to the requirements of your ISP, and then click Next.
      
      The network connection is now enabled.
   5. On the Local Network Connection page, under Connection Name, click Server Local Area Connection, and then click Next.
   6. Complete the Configure E-mail and Internet Connection Wizard.
3. Two network adapters - manual router connection to broadband
   1. If you receive a dialog box that says that a UPnP router was detected and you want to configure the router automatically, go to the "Two network adapters - UPnP router connection to broadband" section.
   2. Click No to the question "Do you want the wizard to configure the router?"
   3. On the Connection Type page, click Broadband, and then click Next.
   4. On the Broadband Connection page, under My server uses, click A local router device with an IP address, and then click Next.
   5. On the Router Connection page, next to Preferred DNS server and Alternate DNS server, type the IP addresses that are provided by your ISP. In the Local IP address of router box, type the IP address of the router that the server uses to connect to the router.
   6. Click to clear the My server uses a single network connection for both Internet access and the local network check box, and then click Next.
   7. On the Network Connection, You must enable and configure the network connection to your ISP page, under the Connection Name, click Network Connection.
   8. If your router provides DHCP, click Obtain an IP address automatically (use DHCP). If your router does not provide DHCP, click Use the following IP address, and then type the IP address and the subnet mask in accordance with the router settings. The default gateway is the IP address of the router.
   9. Click Next.
      
      The network connection is now enabled.
   10. On the Network Connection, You must click the connection for your ISP and local network page, click Network Connection under the ISP network connection.
   11. Under the Local network connection, click Server Local Area Connection, and then click Next.
   12. Complete the Configure E-mail and Internet Connection Wizard.
4. Two network adapters - UPnP router connection to broadband
   1. Before you run the Configure E-mail and Internet Connection Wizard, make sure that the network connection to the router is enabled, that the cables are connected, and that the router is turned on.
   2. A message that reports that the UPnP router was detected appears. If the message does not appear or if you want to configure the router manually, go to the "Two network adapters - manual router connection to broadband" section.
   3. On the Do you want the wizard to configure the router? page, click Yes.
   4. On the Router Connection page, the values will be populated by the UPnP router. Type different values if the values that you want are different.
   5. Click to clear the My server uses a single network connection for both Internet access and the local network check box, and then click Next.
   6. On the Network Connection, You must enable and configure the network connection to your ISP page, under Connection Name, click Network Connection.
   7. Click Obtain an IP address automatically (use DHCP), and then click Next.
   8. On the Network Connection, You must click the connection for your ISP and local network page, click Network Connection under ISP network connection.
   9. Under Local network connection, click Server Local Area Connection, and then click Next.
   10. Complete the Configure E-mail and Internet Connection Wizard.
5. One network adapter - manual router connection to broadband
   1. On the Connection Type page, click Broadband, and then click Next.
   2. On the Broadband Connection page, under My server uses, click A local router device with an IP address, and then click Next.
   3. On the Router Connection page, next to Preferred DNS server and next to Alternate DNS server, type the IP addresses that are provided by your ISP. In the Local IP address of router box, type the IP address of the router that the server uses to connect to the router.
   4. Click to select the My server uses a single network connection for both Internet access and the local network check box, and then click Next.
   5. A message may appear that warns that the firewall that is provided cannot be configured. You are offered a chance to view information about configuration settings for an existing firewall device.
   6. On the Network Connection page, click Server Local Area Connection under the Connection Name.
   7. Click Next.
   8. Complete the Configure E-mail and Internet Connection Wizard.
6. One network adapter - UPnP router connection to broadband
   1. Before you run the Configure E-mail and Internet Connection Wizard, make sure that the network connection to the router is enabled, that the cables are connected, and that the router is turned on.
   2. A message that reports that the UPnP router was detected appears. If the message does not appear or if you want to configure the router manually, go to the "Two network adapters - manual router connection to broadband" section.
   3. When the wizard prompts you to indicate whether you want to configure the router, click Yes.
   4. On the Router Connection page, the values will be populated by the UPnP router. Type different values if the values that you want are different.
   5. Click to select the My server uses a single network connection for both Internet access and the local network check box, and then click Next.
   6. A message may appear that warns that the firewall that is provided cannot be configured. You are offered a chance to view information about configuration settings for an existing firewall device.
   7. Complete the Configure E-mail and Internet Connection Wizard.
7. One network adapter - direct connection to broadband with PPPoE
   1. On the Connection Type page, click Broadband, and then click Next.
   2. On the Broadband Connection page, click A connection that requires a user name and password (PPPoE) under My server uses, and then click Next.
   3. Under PPPoE connection, click an existing connection or create a new connection. Make sure that the contents of the ISP user name box and the Password box match the user name and password that your ISP provided. Configure the static IP address if it is appropriate, and then click Next.
   4. Complete the Configure E-mail and Internet Connection Wizard.
8. Two network adapters - modem connection to POTS/ISDN
   1. On Connection Type page, click Dial-Up, click Next.
   2. On the Dial-up Connection page, under Dial-up connection, click an existing connection or create a new connection.
   3. Under PPPoE connection, click an existing connection or create a new connection. Make sure that the contents of the ISP user name box and the Password box match the user name and password that your ISP provided. Configure the static IP address if it is appropriate, and then click Next.
   4. Under Connection Name, click Server Local Area Connection, and then click Next.
   5. Complete the Configure E-mail and Internet Connection Wizard.
9. One network adapter - modem connection to POTS or ISDN
   1. On the Connection Type page, click Dial-up, and then click Next.
   2. On the Dial-up Connection page, click an existing connection under Dial-up connection, or create a new connection.
   3. Under PPPoE connection, click an existing connection or create a new connection. Make sure that the contents of the ISP user name box and the Password box match the user name and the password that your ISP provided. Configure the static IP address if it is appropriate, and then click Next.
   4. Complete the Configure E-mail and Internet Connection Wizard.