Solved

NT server as router

Posted on 2001-08-07
10
189 Views
Last Modified: 2013-11-30
How can i setup an nt server with 2nics to act as a router ?
0
Comment
Question by:kirbycd
  • 3
  • 2
  • 2
  • +3
10 Comments
 
LVL 12

Expert Comment

by:Nenadic
ID: 6359226
Each NIC must have a static IP address within an appropriate network range and with a proper subnet mask.
Neither must have a Deafault Gateway set to anything.
In IP Properties - enable IP Forwarding.

Is this NT box going to connect only the two subnets or is it part of a larger network (communicating with other routers)?

If it's only the two subnets - the job is done.

If the network is larger, you may need to set up Routing Information Protocol (on WinNT CD), as well as add some entries in the Routing Table for remote networks you are connecting to. The format for this is:
ROUTE ADD <network> <netmask> <gateway>
ROUTE ADD 192.168.100.0 255.255.255.0 192.168.1.254
0
 
LVL 55

Expert Comment

by:andyalder
ID: 6359321
>Neither must have a Deafault Gateway set to anything.
There's no reason you should not set a DG but ensure you only bind it to a single NIC. If for example one of the interfaces connects to the Internet you will have to have this as the default gateway.

To make NT remember the static routes you add you have to put -p after the route add command.

Beware that NT (SP4 and above) listens to RIP without installing the RIP service so if your routes go wrong after a few monutes make sure there is not a router advertising an incorrect static route on the network.
0
 

Author Comment

by:kirbycd
ID: 6360291
basically the scenario is this:
a small range of registered ip are available - we have used all these and require more ip addresses but want to have some ip that is not registered.
I'm trying to set up a reg ip that can access other networks as normal via a primary router, but also have a small number of 'unofficial' ip that can be attributed to printers etc that would never need to see out of the main router.
I have no access rights to the primary router, and so must look at other options . . .
0
 
LVL 12

Expert Comment

by:Nenadic
ID: 6360316
So, is one 'side' of your NT Server going to be visible on Internet? If that is the case - you are better off with a firewall with which you can implement NAT.
0
 

Author Comment

by:kirbycd
ID: 6360377
It is, but i didn't really want to implement full NAT/firewall ! - it's literally for no more than a dozen devices at most!
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 1

Expert Comment

by:CompuNerd19
ID: 6360939
What is your IP again ;)  

Anyhow, using IP forwarding on the NT machine would do the trick.  Maybe I am crazy but you could probably just use a proxy if all you want to do is have internet access for the internal computers.  You do not have to worry about the router because I doubt if it blocks port 80.  Most people like to use Microsoft Proxy 2.0 or some kinda homegrown proxy.  Just and idea, hope it helps.

0
 
LVL 55

Expert Comment

by:andyalder
ID: 6361095
Cheat, blatantly knowing you are breaking the rules and understand the consequences :-)

Say the ISP has assigned you 193.10.10.0 mask 255.255.255.248, giving you 6 legal addresses.

You cannot touch their router OK but on all the clients set the subnet mask at 255.255.255.0 !!! you can then have 254 internal hosts on the same network, no messing about with routing. Six of these machines the router will let out onto the internet as they have legal addresses acceptable to the router and the rest have private addresses that are in the same subnet as your assigned addresses. Naughty but what are the consequences?

Well it is not worth setting a gateway address on the illegal hosts since the router will drop them but if they are printers etc it does not matter. You will also not be able to connect to the real internet based host at 193.10.10.9 to 193.10.10.255 since your PC will think it's the machine over there in the corner rather than send it to the router for internet forwarding. What do you loose? you cannot talk to a copuple of hundred internet based hosts out of many millions. Chances are the rest of the 193.10.10.0 network are local companies rather than the ISP's DNS server etc so you don't want to talk to them anyway.
0
 
LVL 55

Expert Comment

by:andyalder
ID: 6361154
Another "no cost of an additional NIC solution" that has one minor problem :-)

Take an NT workstation with a single network card, bind 2 IP addresses to it, one in the ISP assigned legal subnet and one in a private 192.168.1.0/24 network and turn IP forwarding on. Connect both legal and private addresses to the same hub/switch. All DGs set to this machine and no static routes on clients. This machine DG is set to ISP router. Local routes do not need to be added.

The minor problem is that this logically multihomed machine will only run netbios (so windows sharing/browsing) on the first bound IP address, that's why we chose a workstation rather than your server.

It would be so much better if that machine with 2 IP addresses on it's single NIC was your router as it does not need to access windows shares.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 9017178
kirbycd,
No comment has been added lately (719 days), so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area for this question:

RECOMMENDATION: PAQ/No Refund

Please leave any comments here within 7 days.

-- Please DO NOT accept this comment as an answer ! --

Thanks,

lrmoore
EE Cleanup Volunteer
0
 

Accepted Solution

by:
YensidMod earned 0 total points
ID: 9114871
Question is PAQ'd and no points refunded.

YensidMod
Community Support Moderator @Experts Exchange
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now