One server, 2 NICs, 2 default gateways

I have looked through the other posting about multiple default gateways but I am not seeing what I am looking for.

I have a Windows 2003 server that has two NIC cards.  One NIC is connected to our internal network.  The other is connected to our DMZ.  Each of them has its own default gateway.

This server is our FTP and other web services server.  It will work fine for a while and then internal and external users cannot connect to the server.  I have to disable and enable both interfaces for the problem to clear itself.

There have been posts regarding the Routing and Remote Access service.  This looks to be the answer but I still don't understand how to configure RRAS to fix the problem I am having.

There are 500 points to the person who can help me get this issue resolved.

Thank you very much,
Mike
csg_int_it Asked:

Jeff Morlen, Network Engineer, Commented:
Is there a reason you are doing port forwarding on your firewall instead of a DMZ?

Most likely, you are running into a routing loop between your Internal network and your DMZ.
This can corrupt/poison the routing table in Windows server.

I would suggest using port forwarding with your firewall and do away with your DMZ.
By putting your server in the DMZ as well as the internal network, you are circumventing the security that your firewall has.
0
csg_int_it (Author) Commented:
jeffmorlen,
Is port forwarding the same as NATing?

Mike
0
edster9999 Commented:
You can set a default gateway on two NICs... but you should not really be able to do this.
The definition of a default gateway is the routing off your subnetwork if all else fails.
To have two of these is a bit pointless.
Really the OSs should ban the idea of having 2 live default gateways.

A better system would be to add extra routes.
If you had a machine with something like this:


192.168.1.x ------- pc ------- 192.168.2.x -------- 192.168.3.x

I.e. the machine has two networks off it: 192.168.1.x and 192.168.2.x,
and a machine or a route bridges off to another network 192.168.3.x (off, say, 192.168.2.100) and, not shown here, the internet gateway is on 192.168.1.1.

Then the routes should be

192.168.2.0 subnet 255.255.255.0 -> eth 2
192.168.1.0 subnet 255.255.255.0 -> eth 1
192.168.3.0 subnet 255.255.255.0 -> eth 2 -> gateway 192.168.2.100
default -> eth 1 -> gateway 192.168.1.1

0
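
The route table from the answer above, worked through as an added example (not part of the original thread or any poster's code): it applies longest-prefix matching to show which gateway each destination uses, and reports when more than one default route exists. The second table and its gateway 192.168.2.1 are assumptions constructed to mirror the question's two-gateway setup.

```python
import ipaddress

# Constructed table: the four routes listed in the answer above.
# Each row is (destination, gateway or None for on-link, interface).
SINGLE_DEFAULT = [
    ("192.168.2.0/255.255.255.0", None, "eth2"),
    ("192.168.1.0/255.255.255.0", None, "eth1"),
    ("192.168.3.0/255.255.255.0", "192.168.2.100", "eth2"),
    ("0.0.0.0/0", "192.168.1.1", "eth1"),
]

# Constructed variant: the question's setup, a second default route on the
# other NIC. 192.168.2.1 is an assumed gateway address, not from the thread.
DUAL_DEFAULT = SINGLE_DEFAULT + [("0.0.0.0/0", "192.168.2.1", "eth2")]


def build(rows):
    """Parse destination strings into ip_network objects."""
    return [(ipaddress.ip_network(dst), gw, ifc) for dst, gw, ifc in rows]


def candidates(rows, dest):
    """Return every (gateway, interface) tied at the longest matching prefix.

    More than one result means the table alone does not decide the path;
    the operating system falls back to route metrics (not modelled here).
    """
    addr = ipaddress.ip_address(dest)
    hits = [r for r in build(rows) if addr in r[0]]
    if not hits:
        return []
    longest = max(net.prefixlen for net, _, _ in hits)
    return [(gw, ifc) for net, gw, ifc in hits if net.prefixlen == longest]


def default_gateways(rows):
    """List the gateways of all 0.0.0.0/0 routes; more than one is a finding."""
    return [gw for net, gw, _ in build(rows) if net.prefixlen == 0]


if __name__ == "__main__":
    for name, rows in (("single", SINGLE_DEFAULT), ("dual", DUAL_DEFAULT)):
        print(name, "default gateways:", default_gateways(rows))
        for dest in ("192.168.3.7", "192.168.2.55", "203.0.113.10"):
            print("  ", dest, "->", candidates(rows, dest))
```
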

edster9999 Commented:
>>> Is port forwarding the same as NATing?

No.

NAT = Network address translation.  Mapping a full network like an internal 192.168.1.x network onto one IP address (maybe your public IP).

Port forwarding = when traffic comes in on a port on this public address (like port 80) then forward it to the right box on the inside.  So if you had a web server on 192.168.1.50 then you would port forward all port 80 traffic to that box.
0
Maximillian1975 Commented:
When you set up a default gateway on internal and external it will warn you that having such a setup will "not function properly"...

Set the default gateway on the DMZ interface and leave it blank on the internal and you will be all set.
multiple-gateway-warning.bmp
0