I have a WIN2K Advanced Server running terminal services. I have both an internal (LAN) NIC and an external (WAN) NIC. The LAN NIC is configured with a 192.168.10.x mask and a default gateway pointing to my Cisco router while the WAN NIC has an Internet IP mask and a default gateway pointing to my Internet firewall. This configuration has been in service for the last 3 years. Last week I had to re-install Windows after a disk array crash. Since the new install, I get intermitant LAN outages. I did much research and found that most everyone says to only enable one default gateway. If I remove the WAN gateway, my Internet users cannot login, even though they can still ping my IP address. If I remove the LAN gateway, the server is isolated from my LAN and cannot connect to locally served applications. I checked the routing file and found that all addresses are routing with the LAN mask 192.168.10.x including those which I feel should use only the external addresses. Will editing the routing table help, or should I be looking elsewhere?
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
WIN2K Dual NIC Woes
- Thread starter tman138
- Start date
You can't have 2 default gateways. What you probably had previously was either a routing protocol running (RIP or OSPF) or the server was configured with a default pointing to your Internet router and staticx persistant routes for your internal networks.
What does your internal routing table look like? - i.e. your internal subnets/networks? If they are private and contiguous you could just add a supernet or summary route to your internal router and let the Internet default take care of the rest.
The other thing you want to look at is the binding order of the NIC's - your Internal NIC should be the first and your Internet (External) NIC should be second. You should also disable all components on the External NIC except TCP/IP otherwise you leave yourself open to attack on the well-known MS Networking ports (TCP 135-139 & 445).
Andy
What does your internal routing table look like? - i.e. your internal subnets/networks? If they are private and contiguous you could just add a supernet or summary route to your internal router and let the Internet default take care of the rest.
The other thing you want to look at is the binding order of the NIC's - your Internal NIC should be the first and your Internet (External) NIC should be second. You should also disable all components on the External NIC except TCP/IP otherwise you leave yourself open to attack on the well-known MS Networking ports (TCP 135-139 & 445).
Andy
You may also need to make sure that your external interface is not registering it's connection within Active Directory DNS
Click Start/Settings/Control Panel/Network Connections
Right-mouse click the External Network Card and click "Properties"
Highlight TCP/IP and click the "Properties" button
Click the "Advanced" button
Click DNS
Uncheck "Register this connection's address in DNS"
Click Start/Settings/Control Panel/Network Connections
Right-mouse click the External Network Card and click "Properties"
Highlight TCP/IP and click the "Properties" button
Click the "Advanced" button
Click DNS
Uncheck "Register this connection's address in DNS"
- Thread starter
- #4
Contrary to all info I received, the fix to this was to have a default gateway on each NIC the internal pointing to my WAN Cisco, the external pointing to my firewall, but also point the routing table for my WAN to the IP address of my WAN's Cisco router. I established persistant routes for the WAN pool of IP addresses and all has been stable for over a month now.
sab4you
IS-IT--Management
- Jan 30, 2003
- 269
Yeah, the real deal is you cannot have different gateway ip addresses.
So when people say you can only have one gateway, thats what they mean. If you put the same gateway on multiple nics, it should work the same, just extra work for ya.
glad u got it working...
So when people say you can only have one gateway, thats what they mean. If you put the same gateway on multiple nics, it should work the same, just extra work for ya.
glad u got it working...
- Thread starter
- #6
- Status
Similar threads
- Locked
- Question