?
Solved

Server 2003 Standard with 2 NIC Card (WAN and LAN)

Posted on 2009-04-27
7
Medium Priority
?
1,220 Views
Last Modified: 2012-08-13
Hi Experts,

Please see attached network diagram for reference.

We need to setup 2nd NIC card that can access our office network. Trade Point and Web Site both need to access our database on SERVER4. If I setup to access database through internet that will create extra traffic on our both internet connections. In network diagram see RED connection that I want to setup. And we need isolation between that two network connections on the web server (i.e. Network connection 1 must not access anything on network connection 2).

How can I setup 2nd NIC that will only access particular port to particular server?

Do I need to buy any extra hardware/software to do this?

Thanks in advance.

Please feel free to ask if you need more information.

Nik
Network-Diagram.jpg
0
Comment
Question by:nikunj_it
  • 5
7 Comments
 
LVL 3

Expert Comment

by:qualchoice-it
ID: 24247495
If i'm reading this correct your wanting to isolate a NIC to a single port for a single server.

Just configure the TCP/IP settings for that 2nd NIC to sit on the same subnet as the server you want to access.

Example:

NIC2 Settings:
192.168.1.10
255.255.255.0
192.168.1.1

Isolated Server NIC Settings:
192.168.1.11
255.255.255.0
192.168.1.1

0
 
LVL 4

Author Comment

by:nikunj_it
ID: 24247554
hi qualchoice,
Thanks for your reply. But only TCP/IP settings will not work.
My office network is on 192.168.0.x subnet and web server is on 192.168.1.x subnet.
If I setup two NIC on Web server using following TCP/IP settings:
NIC1:
192.168.1.2
255.255.255.0
192.168.1.1
NIC2:
192.168.0.11
255.255.255.0
192.168.0.1
I need isolation between this network connection on same server. And don't want to setup load balancing. Just want to use NIC2 to access our server on particular database server port.
Hope this information will help you to understand my issu.
Thanks
Nik

0
 
LVL 56

Expert Comment

by:andyalder
ID: 24252378
You only set one default gateway, for the isolated LAN you use a static route to the remote network instead using the route add ... -P command. You can then use port filtering on the isolated NIC to block all but port 80 or whatever you use to increase security and of course do not enable routing under RRAS.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 4

Author Comment

by:nikunj_it
ID: 24310135
I have order 2nd NIC and will get it by tomorrow. I will let you know how I go once finish the setup.
0
 
LVL 4

Author Comment

by:nikunj_it
ID: 24331752
Hi Experts,
I am little bit confused with add -p command. I need to bind port 1433 (SQL Server) to LAN2. Can you please suggest me how add -p command should be?
See following ipconfig from the server:
Windows IP Configuration
   Host Name . . . . . . . . . . . . : MyWebServer
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 2:
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Server Adapter
   Physical Address. . . . . . . . . : 00-04-13-DE-C8-2E
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.0.25
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . :

Ethernet adapter Local Area Connection:
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek RTL8168C(P)/8111C(P) PCI-E Gigabit Ethernet NIC
   Physical Address. . . . . . . . . : 00-24-1D-10-50-DE
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.1.2
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.1.1
Thanks.
0
 
LVL 4

Author Comment

by:nikunj_it
ID: 24733928
still searching for answer...
0
 
LVL 4

Accepted Solution

by:
nikunj_it earned 0 total points
ID: 25474227
-p option didn't work for me. I have setup 2nd NIC to access internal network with following settings:
NIC1:
IP: 192.168.1.2
Subnet: 255.255.255.0
Default Gateway: 192.168.1.1
DNS Server: 192.168.1.1
NIC2:
IP: 192.168.0.100
Subnet: 255.255.255.0
Default Gateway: none
DNS Server: 192.168.0.10 (Local DNS server)
And it does the job for me.
Thanks experts all your help.
I would like to close this question and refund the points.
Thanks and regards.
Nik
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
In this article I will be showing you how to subnet the easiest way possible for IPv4 (Internet Protocol version 4). This article does not cover IPv6. Keep in mind that subnetting requires lots of practice and time.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question