Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1541
  • Last Modified:

Using 2 Network Adapters with Windows 7

I have two local LAN networks with some XP, one Vista, a few W2000 systems and now a new Windows 7 system.

One network is for internet only and is connected with a router to a DSL modem. The router's IP is 192.168.0.1. The local IP addresses will be received from that router using DHCP. The only service used for those network adapters is TCP-IPv4.

The second network is for local data exchange only. It is workgroup based and the leading XP system has IP address 192.168.1.1. All computers have a second networkcard which is connected to a local switch.

Both networks were working.

Now the problem: For Windows 7 I used  an Asus board with 2 Gigabit Network Adapters and achieved to configure those adapters to work like those of the other systems. I already achieved to copy most of the files from my main XP system using the second connection. But for unknown reasons the connection doesn't work anymore since a week or so. The issue is that the local net became a 'public network' and whatever I did since I recognized that my local net wasn't available in the explorere, I didn't achieve to both add an IP address like 192.168.1.9 and make the network a 'workstation-based' non-public network. The wizard always 'solved' my problem by activating DHCP and removing my IP address. However, the first network already is DHCP-driven and I don't want (and need) to mix thoses servcies. If I insist on setting a fixed IP address The network connection became a public network and isn't be available for local connection.


 
0
itsmeandnobodyelse
Asked:
itsmeandnobodyelse
  • 12
  • 9
1 Solution
 
ChiefITCommented:
You have me puzzled:

Why two adapters. Under the same IP space, (which can be a private IP, you can route through the internet and have better ITsec.

The second adapter is called multihoming a PC. This can be done if configured exactly right. However, it still poses some problems with the routing table as well as Netbios.

I guess I don't understand the design of the network.

Since you assigned this into the DHCP and netbios zones, I believe you have problems with these adapters with those two protocols. I have a thread that has helped out some people configure multiple adapters. But, I still recommend you go to one single adapter and you will still be under the same Local Area Network with the router as your gateway to the outside world.

Mutihomed computers are troublesome because of how it messes up the ARP table as well as DNS, DHCP and Netbios>

Please read the entire thread, including follow up comments:
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_23806816.html
0
 
itsmeandnobodyelseAuthor Commented:
>>>> Why two adapters.

I do it that way for more than 15 years, even for my notebooks (here the WLAN goes to 'internet' and the normal network adapter to the local net). The 'internet' network has only the TCP/IP available while MS file and print services are for the 'local net' only.  The different C net mask doesn't make it possible to switch between the networks.

>>>> I believe you have problems with these adapters with those two protocols.
It must be a problem with Windows 7 as I never had problems to configure two C nets for 192.168.0 and 192.168.1 before. Actually I firstly hadn't a problem with Windows 7 either but for any reason - my antivirus? my firewall? an update? - my second network now turned to a 'public network' and therefore was not available in the explorer.  

How can I make it to a non-public network at Windows 7 but have fixed IP addresses rather than variable IP addresses from DHCP?

0
 
itsmeandnobodyelseAuthor Commented:
>>>> my second network now turned to a 'public network' and therefore was not available in the explorer.  

It turned out that the 'public network' is not the main problem. My system with Vista Business also has the local net as 'public network'  but nevertheless it shows the computers of the local net including the new Windows 7 system.

When I try to access the W7 from Vista I get an error message (localized text) which could be translated similar to

  "COREI7" is not configured for opening a connection with this computer at port 'File and Printer Sharing' (SMB).  

The COREI7 is my Windows 7 computer.

Seems that either my Antivirus or my Firewall are preventing access to the system.

0
 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

 
ChiefITCommented:
Well, sure the AV or Firewall can be blocking Netbios ports.

The ports you are looking at for SMB shares are:

port 137 WINS/Netbios port TCP
Port 138 Netbios datagram port UDP
and Port 139 Netbios datagram port UDP and TCP

But, multihoming the computer can also cause serious networking problems above and beyond Netbios translation.

I think you would be much happier with on NIC connections to one computer.
0
 
itsmeandnobodyelseAuthor Commented:
>>>> I think you would be much happier with on NIC connections to one computer.
actually my requirements are low to nothing. I only need file transfer in my local net. The XP computer is going to be replaced by the new W7, so I simply need some shares of the W7 being writeable from any other computer in the C net with 192.168.1.

I now have:

  CORE2DUO    XP          192.168.1.1
  COREQUAD    VISTA     192.168.1.5
  COREI7          W7/64   192.168.1.43
  a few others ...

which all were connected by ca
0
 
itsmeandnobodyelseAuthor Commented:
.... cable to a 8-port gigabit-switch (no routing).

I can copy files from CORE2DUO to COREQUAD and then draw files at COREI7 from COREQUAD. That is better than nothing but - as told - I already had it better so that all computers were recognized by all participients in the same workgroup and that all writeable shares could be accessed from everywhere.
0
 
ChiefITCommented:
OK, lets configure this to allow certain nodes on the network to do what they are designed.

Switches are for Intra Network traffic.

Routers are used to route to the internet.

Servers provide application level services like DNS, DHCP, and active directory.

So, let's configure the router to route, the switches for internal traffic, and the server to provide application level services.

ONE NIC per computer to a switch. That will put you on the same broadcast domain since they are all behinde the same router.

Disable all secondary nics, unplug the cords, and let's not try to fool with them.

As an example, a single nic on one server will provide for about 250 nodes on a network.

Tell me about your server. Is it providing Active Directory, Is it providing DNS? Do you have a server? If not, we can work with the router as acting on behalf of the server for some services.
0
 
itsmeandnobodyelseAuthor Commented:
>>>> Tell me about your server. Is it providing Active Directory, Is it providing DNS? Do you have a server? If not, we can work with the router as acting on behalf of the server for some services.

No, I have no server. I don't need DNS beside of identifying the local computer names. No Active Directory, nothing. All participients are members of a local 'Workgroup'  and access is via NetBios over TCP/IP.

The whole thing worked and works beside of that the W7 computer cannot be accessed from other computers (though it shows up in the network list). Even that already worked and I wonder why it suddenly didn't work though I made no changes on the working configuration.

>>>> Switches are for Intra Network traffic.
Yes, that is the purpose and nothing else.

>>>> Routers are used to route to the internet.
The router is connected via WLAN and/or via a second network adapter of each system. It is DHCP driven by router and all computers get a dynamic IP address from the router. The Internet access works at any system including the W7. I don't think that the access problems to the W7 have anything to do with the second network beside that the wizard at windows 7 always tries to solve the not working internet access on the local net and - of course - always fails to do so.
0
 
ChiefITCommented:
Ok, let's concentrate on W7:

When you enable a second nic, you may be using RRAS: RRAS stands for Routing and Remote Access Service. Effectively, it becomes a router between the two networks.

Is Routing and Remote Access service started, or installed.

The problem with RRAS, is it automatically enables Windows firewall. So will a service pack update. Even if Windows firewall appears to be disabled in services, it still is active. Multihoming any computer can mess up netbios as well.

Here's how:
The netbios redirector will bind to both nics, BUT will have a primary nic and a secondary nic. Let's say it binds to nic 2. Now, netbios translation is on the OTHER network and not your LAN.

To see what nic is bound to the netbios redirectory, go to the command prompt of the W7 comptuer and type:
Net config redir

You will be provided a list of a couple MAC addresses. along with your SMB address. The SMB address will be:

0000000000
then
(MAC1)
and then
(MAC2)
To figure out what MAC goes to what NIC, type "IPconfig /all" at the command prompt.

So, here we go with a couple of fixes:
1) -Windows firewall is on as well as RRAS, that makes your computer a router and netbios translation is not routeable. Not routeable means, it will not route off the broadcast domain. Windows Firewall blocks netbios translation. Temporarily disable Windows firewall, and let me know if RRAS is installed and the service is started.
2) - Your computer has two nics, Netbios may be bound to the second nic. You can disable netbios over TCP/IP on that second NIC or disable the second nic all together and reboot so it binds to the correct nic.
3)You have a multihomed computer. These are troublesome at best. To properly configure your NIC, you could follow all the advice on this link. Reading this entire thread will tell you how to configure a multihomed machine:
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_23806816.html
0
 
itsmeandnobodyelseAuthor Commented:
The IPConfig /All shows (translated from localized output)


Windows-IP-Konfiguration

   Hostname  . . . . . . . . . . . . : COREI7
   Primary DNS-Suffix  . . . . . . . :
   Node type . . . . . . . . . . . . : Hybrid
   IP-Routing activated  . . . . . . : No
   WINS-Proxy activated  . . . . . . : No

Ethernet-Adapter Internet:

   Connection-specific DNS-Suffix:
   Description. . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address . . . . . . . . : 00-26-18-96-D6-1E
   DHCP activated. . . . . . . . .  : Yes
   Autoconfiguration activated . .  : Yes
   IPv4-Address  . . . . . . . . .  : 192.168.0.6(preferred)
   Subnet mask  . . . . . . . . . . : 255.255.255.0
   Lease received . . . . . . . . . : Monday, 28. December 2009 10:51:26
   Lease expires. . . . . . . . . . : Tuesday, 29. December 2009 14:59:58
   Standardgateway . . . . . . . . . : 192.168.0.1
   DHCP-Server . . . . . . . . . . . : 192.168.0.1
   DNS-Server  . . . . . . . . . . . : 192.168.0.1
   NetBIOS over TCP/IP . . . . . . . : Activated

Ethernet-Adapter LocalNet:

   Connection-spezific DNS-Suffix .  :
   Description . . . . . . . . . . . : Realtek PCI GBE Family Controller
   Physical Address . .  . . . . . . : 00-26-18-96-BF-CA
   DHCP activated. . . . . . . . . . : No
   Autoconfiguration activated . . . : Yes
   IPv4-Adresse  . . . . . . . . . . : 192.168.1.43(preferred)
   Subnet mask   . . . . . . . . . . : 255.255.255.0
   Standardgateway . . . . . . . . . :
   NetBIOS over TCP/IP . . . . . . . : Activated

Open in new window

0
 
ChiefITCommented:
Netbios over TCP/IP is active on both adapters. Go to the 192.168.1.43 adapter and disable netbios over TCP. Don't let it provide Netbios translation at all. To do this:

Go to NIC configuration>>TCP/IP properties>>advanced button>>WINS tab>>disable Netbios
0
 
itsmeandnobodyelseAuthor Commented:
>>>> Don't let it provide Netbios translation at all.
But that is standard for all those work-grouped based local networks.

As told I can see the Vista computer in the Explorer and get files from its shares. So, the Netbios is working principally. In the Advanced settings of my TCP/IP settings for the LocalNet they have radio boxes

  O   Standard. Use Netbios settings of the DHCP server.
        If using static IP address or no NETBIOS settings were
        provided from DHCP server, NetBios over TCP/IP is activated.

  O   NetBios over TCP/IP is activated.


  O   NetBios over TCP/IP is deactivated

were the first two lead to the same result. On my Vista system I also have the same settings and there is no problem to use the shares of that system from everywhere. I deactivated the NetBios and none of the computers of the LocalNet shows up in the explorer, not even the own CoreI7.


I think my problems come from the firewall settings. When I go to the settings they tell me that Norton Antivirus is controlling the firewall. I can't change anything in the current firewall settings.

0
 
itsmeandnobodyelseAuthor Commented:
I forget to mention that I also have two network printers on the LocalNet which both were working from any participient including the W7. So the problem isn't connection but access rights.
0
 
ChiefITCommented:
The problem is Netbios will bind to both adapters. Using your IPconfig /all you will see the mac addresses for both adapters.

Now, go to the command prompt and type
Net config redir

That will show you what adapter Netbios is bound to:
It should look like this:
0000000000    (SMB binding for file and print sharing)
MAC1              (Netbios over TCP/IP adapter for file and print sharing)
MAC2              (Netbios over TCP/IP adapter for file and print sharing)


The problem is, netbios will only bind to ONE adapter at a time. That means if NIC1 is the primary Netbios bind, then netbios will ONLY work on that subnet. It will not perform netbios broadcasts or translation on both adapters.
0
 
ChiefITCommented:
This is called a BIND ORDER. It will choose the first binding to perform netbios.

In registry, you can choose not to have a bind order and I think both adapters will respond to netbios translation. I am going to have to look that one up if you need file and print sharing on both nics.
0
 
ChiefITCommented:
For your firewall. Symantec End Point Protection blocks Netbios. I think there are ways to make exceptions. You can test this by simply "temporarily" disable SEP. Then, it can take up to 15 minutes for a PC to check back in using netbios broadcasts. If SEP is your problem or any other firewall, we will have to look on the internet to find out how to set and exception to netbios.
0
 
itsmeandnobodyelseAuthor Commented:
>>>> I am going to have to look that one up if you need file and print sharing on both nics.
Thanks but filesharing and printer I do need only for the LocalNet. The Internet has only TCP/IP (not even Microsoft Client service).

Any idea how to configure the firewall?
0
 
itsmeandnobodyelseAuthor Commented:
>>>> Any idea how to configure the firewall?

Forget the question. I didn't read your last comment.
0
 
itsmeandnobodyelseAuthor Commented:
Bingo. I added a new rule to the Norton Security Firewall Settings where I allowed all protocols and computers of my local subnet for incoming connections. After that I could access my shares from the VISTA computer. Moreover I additionally could see the XP system (CORE2DUO) from both VISTA and W7 (though I made the firewall settings only on W7). All three systems were using the same Norton Internet Security, but on W7 I had to update it to Version 2010.  

The rule should be safe cause the two subnets are exclusive. And the internet subnet doesn't supply any file sharing or other client services but was controlled only by the router.
0
 
itsmeandnobodyelseAuthor Commented:
Thanks much for your help. I actually never liked to configure network settings - especially on Windows - but your answers showed me the way to go.
0
 
ChiefITCommented:
Just rememeber, without WINS or an LMHOST configuration, your file and print sharing are STUCK on your LAN and blocked by the router. In other words, netbios broadcasts are stopped by the broadcast domain router.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 12
  • 9
Tackle projects and never again get stuck behind a technical roadblock.
Join Now