Solved

Windows 2000 server + ICS + multiple public ip's

Posted on 2003-12-03
11
3,036 Views
Last Modified: 2010-03-19
Ok, so here's my problem.

I currently have a home network that includes a machine acting as a server (windows 2000 server installed) and 3 other computers (windows 2000 installed).

the server shares internet to other computers using ICS.  I now have 5 new ip's from my isp, and until I get everything updated regarding dns and other stuff, I want to have the server have at least 2 public ip's (the current one, and one of the new 5)

So, what I have done is add a second Ip to the server.  Server correctly uses the first (current) ip as main ip, and second ip (new one with a higher metric number) responds to pings, and can be assigned directly for stuff...

the problem i have is regarding the other pc's that share internet though ICS from the server.  All other machines have the new ip as the public one.  I dont know why it does this, but i've tried various web pages that list yer public ip, and in every case the new one shows up, instead of the old one...

what am I doing wrong?  how can I have all pc's use whatever ip I have as primary one on server?

thanks!
0
Comment
Question by:teinsa
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 2
  • +1
11 Comments
 
LVL 5

Expert Comment

by:mapledrums
ID: 9869653
Could you do a "ipconfig /all" of the server & one of the clients ? Also, do a route print of the server & one of the clients ? Post the results here so that we can check them. Somehow, the clients obtain the secondary IP of the server first before the primary IP comes into the picture.
0
 

Author Comment

by:teinsa
ID: 9869813
I dont have the pc's infront of me atm, i need to connect new screens, hehe...  quick question before i cvan post that info:

what defines an ip to be primary or secondary?  The metric number right? (I call it metric cause my windows 2000 server is in spanish and its written Metrica, dunno if thats the correct translation)

the lower the metric number, the higher priority it has...  so if one ip is metric 1, and other is metric 2, the primary ip will always be the one with metric 1, correct?

anything else defines an ip as primary???
0
 
LVL 5

Expert Comment

by:mapledrums
ID: 9869923
Out of curiousity, how did you configure the secondary IP address ? If you're using the "Alternate IP Address" tab, then that wouldn't be correct. I assume you have 2 network cards on the same subnet doing something like load balancing/link redundancy or something similar.

Have a look at this: http://www.lancanyon.com/autonet.htm
0
Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

 
LVL 5

Assisted Solution

by:mapledrums
mapledrums earned 150 total points
ID: 9869935
And yes, you're right, the route with the lowest metric is selected if they is more than 1 path to the destination.

http://www.microsoft.com/windows2000/en/server/help/default.asp?url=/windows2000/en/server/help/sag_TCPIP_imp_routing_table.htm
0
 

Author Comment

by:teinsa
ID: 9870010
nope, one network card is connected to broadband modem, with two ip's in tcp/ip, second network card has local ip (ics defaults)
0
 
LVL 18

Accepted Solution

by:
chicagoan earned 200 total points
ID: 9870093
You'll have to add the IP's to the external interface manually.
You'll proably want to move to full routing and remote access, dns and dhcp.
IP's are neither primary or secondary -  routing table determines path and source address
Gateways and DNS have a hierarchy.
 
http://support.microsoft.com/default.aspx?scid=kb;en-us;299801

I would be looking for a used 2514 or something along those lines to use as a router and a box to use as a firewall... preferably some *nix variant and uncomplicate your windows server.
0
 
LVL 2

Assisted Solution

by:steven_alilovic
steven_alilovic earned 150 total points
ID: 9879005
Instead of configuring ICS, I would look at configuring NAT. It provides that same services but with added benefits.

This is the microsoft article on configuring Windows 2000 NAT
http://support.microsoft.com/?kbid=299801

This link is how to configure the clients (win9X/W2k/XP) to use NAT
http://support.microsoft.com/?kbid=300851

THis link has all the screen shots required to setup NAT
http://www.computing.net/howto/advanced/2000nat/NAT.pdf

This is the good microsoft article for Small/Medium Business Setup
http://www.microsoft.com/technet/treeview/default.asp?
url=/technet/prodtechnol/windows2000serv/deploy/depopt/w2kgate.asp
0
 
LVL 2

Assisted Solution

by:steven_alilovic
steven_alilovic earned 150 total points
ID: 9879057
I should also make note that to add additional IP address give to you by your ISP. Simple go to the TCP/IP properties of the external interface. Under the advanced options, you will have a tab call IP Settings. You then simply need to added each additional IP address.  If you wish to then statically assign this IP addresses to internal addresses this can be done under Route and Remote Access config options.

0
 
LVL 5

Expert Comment

by:mapledrums
ID: 9883436
steven_alilovic is right. It is advisable to use NAT & a firewall if you're facing the Internet, to prevent unauthorised stuff from coming into your network. The other thing I've been curious about all along was why do you require 2 IP addresses for the server.
0
 

Author Comment

by:teinsa
ID: 9926652
I've decided on a Cisco PIX 501 firewall...  should arrive later today...  so NAT and a well configured firewall should do the trick.  thanks guys.
0
 
LVL 5

Expert Comment

by:mapledrums
ID: 9929832
Thanks for the points. Good luck on your setup!
0

Featured Post

SharePoint Admin?

Enable Your Employees To Focus On The Core With Intuitive Onscreen Guidance That is With You At The Moment of Need.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question