Assign a Different Gateway based on windows login

We have 2 DSL Lines and two firewalls/gateways.  I am running a Windows 2003 Domain with XP SP3 clients. I am running DHCP on the the 2003 server.
I would like to assign a different gateway to the computer based on user login. 1 gateway is used for most users and I would like to assign the second one to users needing special security settings.
I was thinking of running a script via GP on login to change it and a run a script on logoff to change it back to the default?
Or is there a way to do this directly throgh GP?
Also, Won't DHCP override any settings?
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

icsbudapestAuthor Commented:
I would like to do this without using a static address. (I would like to assign it to a group.)
Could I maybe put something like:

netsh interface ip delete address "local area connection" gateway=all
netsh interface ip add address "local area connection" gateway=desired_gatewayIP

into a login script, then change it back with a logoff script? I'm not too familiar with how to put netsh into a vbs script. Any suggestions?

Just thinking out loud here.
Try this

Set WshShell = Wscript.CreateObject("Wscript.Shell")"netsh interface ip set address name=""Local Area Connection"" static 1""") 

Open in new window

10 Holiday Gifts Perfect for Your Favorite Geeks

Still have some holiday shopping to do for the geeks in your life? While toys, clothing, games, and gift cards are still viable options for your friends and family, there’s more reason than ever to consider gadgets and software.

icsbudapestAuthor Commented:
Thanks for the suggestion. As I stated before, I need to change ONLY the gateway. This is because I need to apply this to a group of people, and obviously they cannot all be assigned the same static address. I will try some variations on this.
Try this (TESTED)
Set WshShell = Wscript.CreateObject("Wscript.Shell")"netsh interface ip set address name=""Local Area Connection"" gateway= gwmetric=0") 

Open in new window

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
icsbudapestAuthor Commented:
OK, I got it.
First, I needed to change some settings to the security group that I wanted to apply the new gateway settings to. I had to make the group a member of the "Network Configuration Operators" so they had the ability to change the gateway. I had to play with some of the network settings in the administrative template in the GPO to get it to work.

I then applied the following login script via a GPO:

Set WshShell = Wscript.CreateObject("Wscript.Shell")"netsh interface ip add address ""local area connection"" gateway= gwmetric=1")

This puts the added gateway at a higher metric value then the default dhcp gateway. Then, just to make sure I don't mess up the other users, I made a logoff script  like this:

Set WshShell = Wscript.CreateObject("Wscript.Shell")"netsh interface ip delete address name=""local area connection"" gateway=")

I will need to test some more and make sure this works, and double check the computers in question to make sure they all have the LAN adapter as "local Area Connection", but I think this is going to work.

Thanks Brum07 for your input.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.