csg_int_it
asked on
One server, 2 NICs, 2 default gateways
I have looked through the other posting about multiple default gateways but I am not seeing what I am looking for.
I have a Windows 2003 server that has two NIC cards. One NIC is connected to our internal network. The other is connected to our DMZ. Each of them have their own default gateway.
This server is our FTP and other web services server. It will work fine for a while and then internal and external users cannot connect to the server. I have to disable and enable both interfaces for the problem to clear itself.
There have been posts regard the Routing and Remote Access service. This looks to be the answer but I still don't understand how to configure RRAS to fix the problem I am having.
There are 500 points to the person who can help me get this issue resolved.
Thank you very much,
Mike
I have a Windows 2003 server that has two NIC cards. One NIC is connected to our internal network. The other is connected to our DMZ. Each of them have their own default gateway.
This server is our FTP and other web services server. It will work fine for a while and then internal and external users cannot connect to the server. I have to disable and enable both interfaces for the problem to clear itself.
There have been posts regard the Routing and Remote Access service. This looks to be the answer but I still don't understand how to configure RRAS to fix the problem I am having.
There are 500 points to the person who can help me get this issue resolved.
Thank you very much,
Mike
ASKER
jeffmorlen,
Is port forwarding the same as NATing?
Mike
Is port forwarding the same as NATing?
Mike
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
>>> Is port forwarding the same as NATing?
No.
Nat = Network address translation. Mapping a full network like an internal 192.168.1.x network onto one IP address (maybe your public IP)
Port forwarding = when traffic comes in on a port on this public address (like port 80) then forward it to the right box on the inside. So if you had a web server on 192.168.1.50 then you would port forward all port 80 traffic to that box.
No.
Nat = Network address translation. Mapping a full network like an internal 192.168.1.x network onto one IP address (maybe your public IP)
Port forwarding = when traffic comes in on a port on this public address (like port 80) then forward it to the right box on the inside. So if you had a web server on 192.168.1.50 then you would port forward all port 80 traffic to that box.
When you setup a default gateway on internal and external it will warn you that having such a setup will "not function properly"...
Set the default gateway on the DMZ interface and leave it blank on the internal and you will be all set.
multiple-gateway-warning.bmp
Set the default gateway on the DMZ interface and leave it blank on the internal and you will be all set.
multiple-gateway-warning.bmp
Most likely, you are running into a routing loop between your Internal network and your DMZ.
This can corrupt/poison the routing table in Windows server.
I would suggest using port forwarding with your firewall and do away with your DMZ.
By putting your server in the DMZ as well as the internal network, you are circumventing the security that your firewall has.