Bridge two nics for terminal server 2000 to work

Posted on 2006-05-17
Last Modified: 2010-04-13
Here is the scenario.
i have a windows 2000 server running terminal server.  
It has an nic with an external ip address
it has an nic with an internal ip address
they cannot do nat translation due to their current setup.

I guess my question is, how do you bridge the two nic cards together so when they hit their external ip it translates to their internal ip.

Or will I have to make a user on the server itself for each user who wants to log in.  They will be RDP into their workstations from that point on.  I just want to eliminate them from using the administrator login to get into the network.
Question by:Yves Mellet
    LVL 25

    Assisted Solution

    you are asking two questions that are really not related at all... one asking about network setup, and the other about windows user accounts.

    the proper way to do this would be to have a router/firewall to the address forwarding for you.  it is REALLY not secure to have a public IP assigned directly to a server.  so your setup would be

    internet-----router/firewall-----switch--------Terminal server with one NIC w/ an internal IP address

    the router/firewall would translate the pulic ip to the private IP of your Terminal server (for port 3389 only -thats the port that TS uses)  
    this setup would be much cleaner and much more secure than what you are trying to do now.

    now,, i really have no clue what you are asking about the user accounts,,,,, do you have a domain setup? can you explain more about why you think you need accounts on the TS and elsewhere??

    Author Comment

    by:Yves Mellet
    They do not have a firewall or router.  That is why i have the two nics.  If they RDP to the server then they try to log into it via domain (which I know they cannot, because the outside ip address cannot connect to the domain) and it fails - thats a given.   BUT when they try to log onto the local computer with a user that I created it also fails.  I can only have them login if they have admin rights.  Even if I put the user into the "logon locally" group in local security settings, they still cannot login unless they have admin rights.  

    Is there a way I can have them login without giving the power to the server?  
    LVL 5

    Accepted Solution

    Isa Server does the translation for you.
    To get the users logged on the terminal server

    Author Comment

    by:Yves Mellet
    Thanks and sorry for taking so long.  i will just have to buy a firewall and router so that the nic will not be exposed to the outside so that I will not have to do Isa.  


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Top 6 Sources for Identifying Threat Actor TTPs

    Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

    Suggested Solutions

    NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
    For Sennheiser, comfort, quality and security are high priority areas. This paper addresses the security of Bluetooth technology and the supplementary security that Sennheiser’s Contact Center and Office (CC&O) headsets provide.  
    It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
    Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    22 Experts available now in Live!

    Get 1:1 Help Now