• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 579
  • Last Modified:

Assign a Different Gateway based on windows login

We have 2 DSL Lines and two firewalls/gateways.  I am running a Windows 2003 Domain with XP SP3 clients. I am running DHCP on the the 2003 server.
I would like to assign a different gateway to the computer based on user login. 1 gateway is used for most users and I would like to assign the second one to users needing special security settings.
I was thinking of running a script via GP on login to change it and a run a script on logoff to change it back to the default?
Or is there a way to do this directly throgh GP?
Also, Won't DHCP override any settings?
0
icsbudapest
Asked:
icsbudapest
  • 3
  • 3
1 Solution
 
icsbudapestAuthor Commented:
I would like to do this without using a static address. (I would like to assign it to a group.)
Could I maybe put something like:

netsh interface ip delete address "local area connection" gateway=all
netsh interface ip add address "local area connection" gateway=desired_gatewayIP

into a login script, then change it back with a logoff script? I'm not too familiar with how to put netsh into a vbs script. Any suggestions?

Just thinking out loud here.
0
 
Brum07Commented:
Try this


Set WshShell = Wscript.CreateObject("Wscript.Shell")
wshShell.run("netsh interface ip set address name=""Local Area Connection"" static 192.168.0.100 255.255.255.0 192.168.0.1 1""") 

Open in new window

0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
icsbudapestAuthor Commented:
Thanks for the suggestion. As I stated before, I need to change ONLY the gateway. This is because I need to apply this to a group of people, and obviously they cannot all be assigned the same static address. I will try some variations on this.
0
 
Brum07Commented:
Try this (TESTED)
Set WshShell = Wscript.CreateObject("Wscript.Shell")
wshShell.run("netsh interface ip set address name=""Local Area Connection"" gateway=192.168.1.5 gwmetric=0") 

Open in new window

0
 
icsbudapestAuthor Commented:
OK, I got it.
First, I needed to change some settings to the security group that I wanted to apply the new gateway settings to. I had to make the group a member of the "Network Configuration Operators" so they had the ability to change the gateway. I had to play with some of the network settings in the administrative template in the GPO to get it to work.

I then applied the following login script via a GPO:

Set WshShell = Wscript.CreateObject("Wscript.Shell")
wshShell.run("netsh interface ip add address ""local area connection"" gateway=10.0.0.2 gwmetric=1")

This puts the added gateway at a higher metric value then the default dhcp gateway. Then, just to make sure I don't mess up the other users, I made a logoff script  like this:

Set WshShell = Wscript.CreateObject("Wscript.Shell")
wshShell.run("netsh interface ip delete address name=""local area connection"" gateway=10.0.0.2")

I will need to test some more and make sure this works, and double check the computers in question to make sure they all have the LAN adapter as "local Area Connection", but I think this is going to work.

Thanks Brum07 for your input.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now