Windows 2000 Server as a Router

[unixgy]

Hello Everyone.

I have a NetGear Firewall/Router hooked up to my cable modem (192.168.1.1). Here is my network setup:

Windows 2000 Server box with two NICs (192.168.1.2, 172.168.1.1). Netmask 255.255.255.0 Default Route 192.168.1.1 for both NIC's.

Windows 98 Box (192.168.1.3) Netmask 255.255.255.0 Default Route 192.168.1.1

Windows 2000 Pro Box (172.168.1.2) Netmask 255.255.255.0 Default Route 172.168.1.1

Does anyone have a step-by-step procedure for me to setup my Windows 2000 Server box as a Router for me to access the 192 network and the Internet from my Windows 2000 Pro box?

I would then like to add a Firewall to the Windows 2000 Server box to add a layer of protection to my 172 network.

Any help is GREATLY appreciated.

Thanks, in advance.

Unixgy

 

[dholbrook]

unixgy,

Thank you for putting this as a new posting instead of attaching it to an existing post. Here is my input:

You need to explain why you need the server to be a router whan you already have a router in the network you list.

Only one of the NIC cards in the server can have a gateway address or the server will get totally confused as to where to send out information from itself to the internet (the 192.168.1.1 location).

What is the purpose of the second NIC, since you already have the firewall/router doing the routing function?

Change the Win2k Pro box to be 192.168.1.4 and only use one segment for all systems, it will greatly simplify your life.

Why do you want two different segments on the same hub? Form your description you only have one hub (the firewall/router) so why are you trying to run two segments on the same hub?

If you insist on using this configuration, then you must remove the gateway address from the server 172.168.1.1 NIC and turn on the IP relay function (routing) so the server will relay the IP traffic from the 172 segment to the 192 segment, where the firewall exists.

The routing function is accessed through the control panel, administrative tools, routing and remote access.

HTH,

David

 

[dholbrook]

Additional input:

You DO NOT want to add another firewall to the server/router, as it is already behind one firewall and adding another on the server would put the firewall in both segments. If you feel you nee an additional firewall, put it on the Win2k Pro system (Zone Alarm would work just fine, available from

http://www.zonelabs.com,

and is free!).

Again, it would help if you would explain what you are trying to accomplish, as this appears to be a Non-Domain configuration, and you are just begging for all kinds of DNS and other problems with this configuration, which appears to be on a single hub running multiple segments, etc.

HTH

David

 

[unixgy]

Hi David.

Sorry about that first post being in a different thread. It's been a while since I've used this. I thought I was starting a new thread.

Anyway, I am using this set-up as a learning experience. Hooking up a Netgear and having all my systems in the same segment is way too simple. The tough part is actually setting up a DMZ within this structure. My intent is to get CheckPoint FW-1 running on the Windows 2000 Server box at some point, creating a 192 network DMZ and protecting my 172 network. But I need to make sure everything functions from a routing standpoint before I install CheckPoint. I have Routing and RRAS installed on the Server, but I can't figure out how to configure it to get it to work. I had this same set-up utilizing a Linux box running RedHat's firewall instead of the Win2k Server box. I had to add some IP Forwarding things, but I got it to work. Can't figure this out with Windows though.

Internet
|
FireWall (NetGear)
|
-----------
| | |
| | | 192 Network (DMZ)
|
FireWall (Win2K Server - CheckPoint)
|
---------
| | |
| | | 172 Network

I guess my question is, with the preceding setup, how do the 172 Network workstations access the Internet?

Any help greatly appreciated.