• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 214
  • Last Modified:

Internet Sharing between domains

I have two domains, A and B. Domain A connects to the Internet via a Sonicwall hardware firewall and all is well. I would like Domain B to connect to the Internet as well through the same Internet connection. Problem is that I have the two domain controllers using the 192.168.0.1 address on their network cards and they are on separate networks physically. I have installed another network card on the Domain B server to facilitate Internet connectivity via Domain A Internet, what else must I do to have this working? I can connect the second card from Domain B to the Domain A switch, assign an IP from that domain and Internet will work fine on the server only but the clients cannot connect unless I enable Internet Connection sharing on the connection. As you may be aware Microsoft will need the 192.168.0.1 address to enable ICS and I will end up with an IP conflict in that case. What should I do?
0
colinkhan
Asked:
colinkhan
  • 4
  • 3
1 Solution
 
darron_chapmanCommented:
If the only connection between Domain A and Domain B is through that second NIC on the 2003 server connected to the Sonicwall, then it won't matter that the Internal NIC on Domain B's server has the same IP of Domain A's server as they won't physically be able to see each other.  If this is not the case and the servers are connected through the same switching network, then you will not be able use ICS to share the connection.

Do not use ICS on a network that:

• Uses static IP addresses
• Has a Windows Server 2003 domain controller
• Uses other DNS servers, gateways, or DHCP servers
http://support.microsoft.com/kb/324286

Instead of using ICS, you could use Routing and Remote Access.  This provides a much more flexible way of sharing out an internet connection.  http://www.jsifaq.com/SF/Tips/Tip.aspx?id=7351
0
 
colinkhanAuthor Commented:
The sonicwall has a switch built in which is connected back to domain A, this is where I need to connect the second NIC from Domain B to facilitate Internet access, problem is having the clients connect to this Internet connection from Domain B since by default the Internet will not be shared unless I use ICS, and this is where the IP problem comes in...
0
 
darron_chapmanCommented:
I really think the only way to get around your problem is to not use ICS and use Routing and Remote Access (NAT).  This will allow you to set the IP of the NIC to whatever IP you want.  The second NIC on your Domain B server will be on the same subnet as the sonicwall, but the first NIC can be set to whatever IP you want.
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
colinkhanAuthor Commented:
Ok but how will the sharing be facilitated for Domain B? VIa routing and remote access as well?
0
 
darron_chapmanCommented:
On server B, when you set up routing and remote access, you choose which card will be your public (Internet) connection.  This will be the one facing the Sonicwall appliance.   And you will choose which card will be your private (LAN) card, this will be the one facing the computers on Domain B.  After you have it all set up, your computers on Domain B will need to be configured to use server B's IP as the gateway and the IP of course will need to be on the same subnet.  
0
 
colinkhanAuthor Commented:
Ok I have installed the Routing and remote access on the server. What do I do next? I have Internet access on the server via the second NIC which I configured to work with the Sonicwall appliance. Do I need to create a static route and if so on which interface?
0
 
darron_chapmanCommented:
When you go into the Routing and Remote Access window, you right-click on your local server and click Configure and Enable Routing and Remote Access.  When you do that, a wizard will come up and step you through setting this up and will automatically create a static route.

Click Next
Click Network address translation
Under Use this public interface, chose the NIC facing the firewall
Click finish

Now you can go to the client computers and configure them as follows
IP: an IP on the same subnet as the servers first NIC
Subnet Mask: match what the sever has
Gateway:  IP of first NIC on server
0

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now