Solved

Windows Server 2003: Routing NIC2 Subnet Through NIC1 For Internet Access

Posted on 2010-09-09
5
953 Views
Last Modified: 2012-05-10
I have a Windows 2003 Server Standard box with 2 NICs.  Configured as follows:

NIC1 (Plugged into network switch)
IP: 10.10.6.1
Mask: 255.255.255.0
GW: 10.10.6.254

NIC2 (Plugged directly into Client1)
IP: 192.168.0.1
Mask: 255.255.255.0
GW: none

Internet access is out through NIC1.  On NIC2 I have a single client plugged directly into NIC2 (no switch).  It needs to have access to the Internet.  Configured as follows:

Client1 NIC (Plugged directly into server NIC2)
IP: 192.168.0.3
Mask: 255.255.255.0
GW: 192.168.0.1

Client1 runs an app that I access through a web interface from the 2003 server.  That works normally.  We also push and pull files to/from this client - that works normally too.  However, I now need to allow Client1 get to the Internet for updates and for NTP reasons.  Also there is the possibility that in the future we may hang a switch off NIC2 and put additional clients in the 192.168.0.24/24 subnet so any suggestions should take that into consideration.

Here is my routing table on the server:

Active Routes:
Network Destination              Netmask          Gateway          Interface      Metric
                  0.0.0.0                    0.0.0.0      10.10.6.254          10.10.6.1           10
              10.10.6.0        255.255.255.0          10.10.6.1          10.10.6.1           10
              10.10.6.1    255.255.255.255          127.0.0.1          127.0.0.1           10
    10.255.255.255    255.255.255.255          10.10.6.1          10.10.6.1           10
              127.0.0.0                255.0.0.0          127.0.0.1          127.0.0.1             1
          192.168.0.0        255.255.255.0      192.168.0.1      192.168.0.1           10
          192.168.0.1    255.255.255.255          127.0.0.1          127.0.0.1           10
      192.168.0.255    255.255.255.255      192.168.0.1      192.168.0.1           10
              224.0.0.0                240.0.0.0          10.10.6.1          10.10.6.1           10
              224.0.0.0                240.0.0.0      192.168.0.1      192.168.0.1           10
  255.255.255.255    255.255.255.255          10.10.6.1          10.10.6.1             1
  255.255.255.255    255.255.255.255      192.168.0.1      192.168.0.1             1
Default Gateway:       10.10.6.254
===========================================================================
Persistent Routes:
  None

Thanks in advance for the help!
0
Comment
Question by:dmcoop
  • 3
  • 2
5 Comments
 
LVL 1

Expert Comment

by:ted_sin
ID: 33642345
You need to configure routing and remote access on your 2003 server to allow routing, just follow the wizard.
0
 
LVL 3

Author Comment

by:dmcoop
ID: 33642692
Ted I had tried that already.  No go.
The service is still installed but not configured - if you have specific recommendations on what to configure and I am willing to try them.  The one that seemed to make the most sense was to set it up for the NAT or LAN options.  Neither gave me much joy.  However I did get to drive 20 miles round trip when one of the things I was trying on the LAN option caused the external NIC to stop passing traffic ... that was no fun at all. ;-)
0
 
LVL 3

Author Comment

by:dmcoop
ID: 33642704
What I am hoping for is someone who understands Windows server routing enough to give me specific persistent routes I can enter at CLI.  I am open to using whatever tools are included with Server 2003 (like the suggestion from Ted) but I suspect this problem can be fixed using the ROUTE command.  But what do I know  .... the dang thing still does not work!
0
 
LVL 1

Accepted Solution

by:
ted_sin earned 500 total points
ID: 33644343
Hi dmcoop,

You need to enable Windows to route traffic and that is through routing and remote access.
I would choose NAT and next step is to choose the inteface that is connected to internet and youre done. When you use NAT you automatically have a "firewall" function and need to specify the services you want to allow inbound so it is correct that you could not access the service cause you need to configure that too under NAT/Basic firewall, select the external adapter and under services you have some standard options you could use or specify your own.

I don't think you can use the ROUTE command to add presistent routes and make Windows act as a router, the proper route would then be
if you cant find it here try outside
any:0.0.0.0    any: 0.0.0.0      GW:10.10.6.254      Interface:10.10.6.1           10

and you already have that.
0
 
LVL 3

Author Closing Comment

by:dmcoop
ID: 33756063
I finally figured it out.  The information in this thread pointed me in the right direction.
0

Featured Post

Scale it in WD Gold

With up to ten times the workload capacity of desktop drives, WD Gold hard drives employ advanced technology to deliver among the best in reliability, capacity, power efficiency and performance.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now