Solved

How do I enable DHCP on only one network interface?

Posted on 2008-10-11
4
1,254 Views
Last Modified: 2013-11-05
I have a Windows 2003 Server with two network cards.  One interface is a part of our corporate network and the other is going to be serving up IP's for a separate network.  I may just be missing something but I need to be sure that the DHCP server on this host does not answer for DHCP requests on the corporate network.
0
Comment
Question by:masoncooper
  • 3
4 Comments
 
LVL 38

Accepted Solution

by:
ChiefIT earned 500 total points
ID: 22695042
DHCP snapin>>right click the server in question>>Select properties>>select the Advanced tab>>select binding

You can disable any binding from providing DHCP
0
 
LVL 2

Author Closing Comment

by:masoncooper
ID: 31505342
Exactly what I was looking for.  Thanks!
0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 22695164
Glad that works for you. Thanks.
0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 22701090
I would like to add>> (you might also see problems with these protocols on a Multi-homed 2003 server)

Don't forget about Netbios, DNS and the default gateway:
(((DNS))) (Can cause intermittent communications or loss of contact with the server)
To prevent from DNS binding to the outside NIC or IP address, there are a couple things you will need to do. One is you need to prevent it from registering the SRV records in DNS. The second is you need to clean out DNS of any SRV records to the outside NIC. The third is, you need that outside NIC to not register with DNS.

Step 1) To resolve these issues, Follow this link: (NOTE: By default, 2003 server registers both NICs SRV records in DNS)
 -- http://support.microsoft.com/?id=832478
Step 2) Once you prevent bot SRV records from registering in DNS when the netlogon service restarts, then you need to prevent it from registering its DNS records in DNS. To do this go to the NIC configuration>> TCP/IP properties>>Advanced Button>>DNS tab and disable the ability of the NIC to register its DNS settings in DNS
Step3)) Once you have disabled the ability to register that outside NICs DNS address, then you must remove all HOST A, SRV, and cached records of that outside NIC. I assume you already know how to remove HOST A records. To remove DNS cache, go to the command prompt and type IPconfig /flushDNS. To remove the SRV records, pleas follow the advice on this link:
http://support.microsoft.com/kb/241515

(((NETBIOS)))
(can cause missing computers in My network places, intermittent communications with mapped drives, the inability to use the browser and connect via computer name UNC paths)

Preventing Netbios is a little more difficult to do on various types of Multihomed domain controllers. Not always does a DC use WINS when dealing with netbios. So, this is a bit more involved.

To prevent Netbios from binding to the outside binding or VPN connection binding, you must go to that binding and remove the ability of it to do ""Netbios over TCP/IP"" or ""Netbios over DHCP"".
For a VPN connection and Dual NICs:
Right click "My network Places">>select "properties">>right click "VPN connection" or the Second NIC>>Select "Properties" >>Select "TCP/IP">> Go to Properties>>Go to the "WINS" Tab>> and prevent it from providing "Netbios over TCP/IP" and also prevent it from performing "Netbios over DHCP"

Disabling File and Print sharing:
You may also wish to disable your outside NIC from broadcasting out your files and printers to the outside world. To do this, disable File and print sharing.

Other things to look out for:
(((Default Gateway)))
(Can cause problems with communicating to the outside world web sites)
You should have one single gateway for your multihomed NICs. If you are routing over your server, it should be the outside NIC that has a gateway configured. If you have the second NIC to communicate with a few nodes on the network, your Domain, side NIC should have the gateway configured. So, this is domain specific.
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Recently, I had the need to build a standalone system to run a point-of-sale system. I’m running this on a low-voltage Atom processor, so I wanted a light-weight operating system, but still needed Windows. I chose to use Microsoft Windows Server 200…
Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now