  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 176

2 NIC Not Talking

I want to install a second NIC in a PC, so the PC can talk to both networks.
NIC-A is attached to the production network.
NIC-B is attached to the admin network that's on the internet.
Question: Running XP SP2, how do I ensure that this PC DOESN'T bridge the networks internally?
0
Asked by: rlbeasley
1 Solution
 
adamdrayer Commented:
1. Make sure RRAS is disabled
2. Manually set this registry setting: (if necessary)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\
IPEnableRouter = 0
0
 
carl_legere Commented:
They're not going to be bridged unless you bridge them, and they become one unit, a network bridge.  The trick to doing this and obtaining the results you want is clever route commands.
Explain more and draw a quick diagram; we'll help with the route commands needed to make it all work.
0
 
adamdrayer Commented:
Not bridging network connections still allows the possibility of traffic passing from one network to the other.  I think the author may have accidentally used the wrong term.  I believe he is looking to prevent traffic from his admin network from ever interfering with the production network.

Bridging network connections will allow Layer 2 broadcasts to pass transparently across the NICs, which allows a single IP subnet across multiple segments.  If you want to keep your networks separate, then you definitely don't want to do this.  If you are also looking to make sure that your production network isn't exposed to internet traffic, you will have to turn off the routing capabilities.  Also make sure that NIC-B has a default gateway but NIC-A does not.

If you are looking to keep malicious software out of your production network though, there is one problem with this setup.  The computer that has 2 NICs (multihomed) runs the risk of being infected by some nasty program through NIC-B.  It can then spread to the production network through NIC-A, and it won't technically be passing from one NIC to the other.  It will actually be originating with the infected machine, which is technically part of the production network.
 
0
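Added example, not part of any post in this thread: a PowerShell audit of the three settings named in the answers above (RRAS disabled, `IPEnableRouter = 0`, and a default gateway on NIC-B but not on NIC-A). It assumes Windows PowerShell is installed on the PC and that the two connections are named `NIC-A` and `NIC-B` in Network Connections; those names are placeholders.

```powershell
# Audit a dual-homed host: no RRAS, no IP forwarding, default gateway only on the admin NIC.
param(
    [string]$ProdNic  = 'NIC-A',   # assumed connection name of the production NIC
    [string]$AdminNic = 'NIC-B'    # assumed connection name of the admin/internet NIC
)

$findings = @()

# 1. RRAS: the service's short name is RemoteAccess.
$rras = Get-WmiObject Win32_Service -Filter "Name='RemoteAccess'"
if ($rras -and ($rras.State -ne 'Stopped' -or $rras.StartMode -ne 'Disabled')) {
    $findings += "RRAS service is $($rras.State), start mode $($rras.StartMode)"
}

# 2. IP forwarding: IPEnableRouter must be 0 (a missing value is treated as 0 here).
$key = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters'
$val = (Get-ItemProperty -Path $key).IPEnableRouter
if ($val -and $val -ne 0) { $findings += "IPEnableRouter = $val (expected 0)" }

# 3. Default gateway: map adapter index -> connection name, then check each bound adapter.
$names = @{}
foreach ($nic in Get-WmiObject Win32_NetworkAdapter) {
    if ($nic.NetConnectionID) { $names[[int]$nic.Index] = $nic.NetConnectionID }
}
foreach ($cfg in Get-WmiObject Win32_NetworkAdapterConfiguration -Filter 'IPEnabled=TRUE') {
    $name  = $names[[int]$cfg.Index]
    $hasGw = [bool]($cfg.DefaultIPGateway)
    if ($name -eq $ProdNic -and $hasGw) {
        $findings += "$name has default gateway $($cfg.DefaultIPGateway)"
    }
    if ($name -eq $AdminNic -and -not $hasGw) {
        $findings += "$name has no default gateway"
    }
}

if ($findings) {
    foreach ($f in $findings) { Write-Output "FAIL: $f" }
    exit 1
}
Write-Output 'PASS: RRAS off, IP forwarding off, default gateway only on the admin NIC'
```

A pass only confirms the host is not forwarding packets between the two NICs; it does not address the case raised in the last post above, where the multihomed machine itself is infected through NIC-B.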
 
rlbeasley (Author) Commented:
What if I was to install something like ZoneAlarm on the PC?  Would it effectively block anything to the production network, except for the PC itself?
0
 
adamdrayer Commented:
That's not really what ZoneAlarm is for, although ZoneAlarm is very configurable and highly effective.  The only sure way to protect a network is to ensure that no computer on it has access to another unprotected network.
0
