[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 849
  • Last Modified:

How do I properly configure 2 network cards in windows server 2003 to host 2 SSL websites

The end result of what I'm trying to do is to host 2 different SSL sites on one Windows Server machine. My current setup is as follows starting from ISP and following to the server - 1 DSL modem into 1 switch running into 2 routers, each configured with a different static public IP address. Each router is connected then to one of the 2 network cards on the Windows Server 2003 machine. The internal IP address of router A is 192.168.1.1 and corresponding network card A is 192.168.1.2. The internal IP of router B is 192.168.11.1 and corresponding network card is 192.168.11.151. Router and NIC A have been working well for quite a while hosting 1 SSL site. The problem is when we now want to host a second SSL site. My understanding is that because this is a secure site, the SSL certificate has to be tied to its own public IP. Thus, using host headers and just hosting on our other IP is not an option. It seemed that this configuration would work. It is a mirror image of the setup of the first site including port forwarding and domain name registration. This second site does actually work if I disable network card A on the server and allow NIC B to be the only one. But, as soon as I enable NIC A making the first site come back up, the second site on NIC B no longer functions. I must be missing something about how to setup dual NIC. When I configure the second NIC it gives me an error message about having 2 default gateways on the same network not working properly. I've tried to put both routers on the same subnet and that didn't help. I really think there must be some way to host 2 secure sites on one machine. Thanks.
0
andrew417
Asked:
andrew417
  • 5
  • 4
1 Solution
 
MesthaCommented:
Two NICs isn't going to work, because you cannot have two default gateways on the server.
As I see it, you have two options.
1. Get a second IP address from your ISP and put both IPs on the same NIC.
2. Get a Dual WAN router and put it in front of the server. That will allow you to have two internal IP addresses on the same NIC, with routing on the routing dealing with the traffic.

Of the two, I would do the former.

-M
0
 
andrew417Author Commented:
I would love to do the first suggestionand I even have several static IPs from my ISP, but I don't know how. First, how can I give the one network card more than one IP? Second, with both sites needing their own seperate, public IP how can I accomplish this without using 2 routers. Neither one supports dual WAN?
0
 
MesthaCommented:
If you have multiple IP addresses from your ISP then you are most of the way there.
You would need to look at your router as to how it can cope with multiple external IP addresses.
You can put additional internal IP addresses on the NIC. Bring up the properties of the NIC, TCP/IP and then choose Advanced. On the TCP/IP properties you can add additional IP addresses. They would be in the same subnet. Then just forward two different external IP addresses to the relevant internal IP address.

-M
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
andrew417Author Commented:
Thanks. So is there no way to do it without a dual wan router? If a new router is the only way, then that's what we'll have to do but, we just recently upgraded our main office and 5 remote offices to the same Linksys RVS4000 business class router. The main reason we put those in was to use its built in IPSec VPN from each branch to the main office. That has been working great and I hate to change out the router at the main office and have those VPNs not work so reliably. I cant find any way to get this router to support dual WAN.
0
 
MesthaCommented:
If you are using two different ISPs, then no, it cannot be done without a dual WAN router. Its the routing out that is the problem.

-M
0
 
andrew417Author Commented:
We actually are using one ISP. Our ISP gives us 6 or 7 static IPs in a range. Each router has one of the IPs and both routers are using the same default gateway from the ISP.
0
 
MesthaCommented:
But the point is, the traffic coming from two different gateways internally. What you need is a single router handling both IP addresses. A dual WAN router is only required if you are using two different ISPs.

-M
0
 
andrew417Author Commented:
I don't really understand that last statement. I need a single router handeling both IP addresses but a dual WAN router is only required if I have two different ISPs? Isn't a dual WAN router the the only way one router could handle both (public) IP addresses? I could be missing it, but I can't find a way to put more than one static (public) IP at a time into the router. Thanks for all your help! I know I'm just missing something here.
0
 
MesthaCommented:
You need to speak to the support company for your router to see if it can cope with multiple IP addresses. It isn't exactly unusual to have multiple IPs.
I have a Cisco device sat next to me, which is able to cope with multiple IP addresses quite happily. It is not one IP, one router, unless you are using something which cannot cope with multiple IPs.

An ISP doesn't have a single router for every IP address it manages.

-M
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now