Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 157
  • Last Modified:

Bridge two nics for terminal server 2000 to work

Here is the scenario.
i have a windows 2000 server running terminal server.  
It has an nic with an external ip address
it has an nic with an internal ip address
they cannot do nat translation due to their current setup.

I guess my question is, how do you bridge the two nic cards together so when they hit their external ip it translates to their internal ip.

Or will I have to make a user on the server itself for each user who wants to log in.  They will be RDP into their workstations from that point on.  I just want to eliminate them from using the administrator login to get into the network.
0
Yves Mellet
Asked:
Yves Mellet
  • 2
2 Solutions
 
mikeleebrlaCommented:
you are asking two questions that are really not related at all... one asking about network setup, and the other about windows user accounts.

the proper way to do this would be to have a router/firewall to the address forwarding for you.  it is REALLY not secure to have a public IP assigned directly to a server.  so your setup would be

internet-----router/firewall-----switch--------Terminal server with one NIC w/ an internal IP address

the router/firewall would translate the pulic ip to the private IP of your Terminal server (for port 3389 only -thats the port that TS uses)  
this setup would be much cleaner and much more secure than what you are trying to do now.

now,, i really have no clue what you are asking about the user accounts,,,,, do you have a domain setup? can you explain more about why you think you need accounts on the TS and elsewhere??
0
 
Yves MelletAuthor Commented:
They do not have a firewall or router.  That is why i have the two nics.  If they RDP to the server then they try to log into it via domain (which I know they cannot, because the outside ip address cannot connect to the domain) and it fails - thats a given.   BUT when they try to log onto the local computer with a user that I created it also fails.  I can only have them login if they have admin rights.  Even if I put the user into the "logon locally" group in local security settings, they still cannot login unless they have admin rights.  

Is there a way I can have them login without giving the power to the server?  
0
 
RobertoEscalanteTroncoCommented:
Isa Server does the translation for you.
To get the users logged on the terminal server
0
 
Yves MelletAuthor Commented:
Thanks and sorry for taking so long.  i will just have to buy a firewall and router so that the nic will not be exposed to the outside so that I will not have to do Isa.  

Thanks
0

Featured Post

Receive 1:1 tech help

Solve your biggest tech problems alongside global tech experts with 1:1 help.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now