I have a machine on our network running Windows Server 2008 R2 (client). The machine serves as RD Gateway and backup file server. The network Active Directory domain controller is a separate machine also running Windows Server 2008 R2 (server).
The client is connected to the server via its primary NIC and a single ethernet switch. Both are on the same subnet and, when only the client's primary NIC is used, can connect to each other and authenticate AD objects without a problem. Connection to the internet from the internal network is via a single NAT gateway connected between the internal switch and a public network. RD Gateway traffic is port forwarded through this gateway to the client. This all functions as expected.
I would like, however, to connect the client machine directly to the public internet via a separate NIC. This would allow me to handle the incoming RD Gateway connections without having to route extra traffic through our internal network via the NAT gateway or do any port forwarding.
Whenever I connect the client's second NIC directly to the public network (internet), however, the machine loses its ability to authenticate to the AD server. It's as though it's trying to look up the AD server on the internet instead of on the local network where it resides. The local network and internet are on completely different subnets, so there should be no confusion. The domain name (xyz.local) is not even resolvable on the public internet. When I open the Network and Sharing Center, it recognizes two connections, one domain connection to xyz.local and one public connection to the internet. Disconnecting the direct connection (or disabling the second NIC) resolves the problem at the expense of a direct connection.
How do I get the client to continue to authenticate to and communicate with the AD server on the local domain network via the primary NIC while still allowing it a separate direct connection to the internet via a secondary NIC?
Any ideas would be appreciated.
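A diagnostic script, added here and not part of the original question, that checks the per-adapter DNS settings a dual-homed domain member usually hinges on: with two NICs, the Windows resolver may send xyz.local queries to the DNS servers learned on the public NIC, which cannot answer them. The domain subnet prefix and the AD server's DNS address are constructed assumptions; it uses WMI because Windows Server 2008 R2 predates the Get-DnsClient* cmdlets.

```powershell
# Constructed assumptions for this example: the domain NIC sits on 192.168.1.0/24
# and the AD server at 192.168.1.10 runs the DNS zone for xyz.local.
$DomainSubnetPrefix = '192.168.1.'
$DomainDnsServer    = '192.168.1.10'

# Win32_NetworkAdapterConfiguration is available on 2008 R2 / PowerShell 2.0.
$adapters = Get-WmiObject Win32_NetworkAdapterConfiguration | Where-Object { $_.IPEnabled }

foreach ($a in $adapters) {
    $isDomainNic = @($a.IPAddress | Where-Object { $_ -like "$DomainSubnetPrefix*" }).Count -gt 0
    $dns = @($a.DNSServerSearchOrder | Where-Object { $_ })   # drop nulls so .Count is honest

    Write-Host ("{0}`n  IP: {1}`n  DNS: {2}`n  Registers in DNS: {3}" -f `
        $a.Description, ($a.IPAddress -join ', '), ($dns -join ', '), $a.FullDNSRegistrationEnabled)

    if ($isDomainNic) {
        if ($dns -notcontains $DomainDnsServer) {
            Write-Warning "Domain NIC does not list $DomainDnsServer; SRV lookups for xyz.local will fail."
        }
    } else {
        # Any DNS server on the public NIC lets the resolver send xyz.local queries off-site,
        # where they get NXDOMAIN and the domain controller is never found.
        if ($dns.Count -gt 0) {
            Write-Warning "Public NIC '$($a.Description)' has DNS servers $($dns -join ', '); clear them, e.g.:"
            Write-Warning "  netsh interface ipv4 set dnsservers name=`"<public NIC name>`" source=static address=none"
        }
        if ($a.FullDNSRegistrationEnabled) {
            # Otherwise the public address gets registered in the xyz.local zone and other
            # domain members may pick it instead of the internal one.
            Write-Warning "Public NIC registers its address in DNS; untick 'Register this connection's addresses in DNS'."
        }
    }
}

# Confirm the domain-controller SRV record resolves via the internal DNS server and that
# the locator picks a DC; both should succeed regardless of the public NIC being up.
nslookup -type=SRV _ldap._tcp.dc._msdcs.xyz.local $DomainDnsServer
nltest /dsgetdc:xyz.local
```

Run it with the second NIC connected; a warning on the public adapter points at the setting to change, and the two trailing commands show whether AD location works once it is fixed.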