Solved

How did I do it???

Posted on 2011-02-23
9
406 Views
Last Modified: 2013-11-16
I have a server with 2 NICs, one connected to a firewall and the Internet and one connected to my LAN. Both my internal and external users can access the server.  Now I have a second server that I need to setup the some way, I think I have mirrored the settings but it won’t work. As soon as I mirror the settings internal users loses access to the server.

Here is how my current server is set up:

NIC1:
IP: LAN.x.x.10
GW: Blank
DNS: LAN.x.x.2

NIC2:
IP: WAN.x.x.10
GW: WAN.x.x.1
DNS: WAN.x.x.2

•      IP Binding is set with NIC#1 as primary.
•      Routing and remote access is not configured on either server.
•      My firewall does not have routes specific to the currently functional server.
•      My LAN DNS points users to the LAN IP address. I do not have a public DNS entry.

I cannot find anything that would cause one to work but not the other, do you have any ideas?

0
Comment
Question by:o_b_c
  • 6
  • 2
9 Comments
 
LVL 5

Expert Comment

by:torvir
ID: 34967996
>>>As soon as I mirror the settings internal users loses access to the server.
How is the servers IP-parameters configured when the users can reach it? And what do you change when they lose contact with it?
0
 
LVL 16

Expert Comment

by:JammyPak
ID: 34970246
couple things...
- please describe the question/problem in the title, not just 'how do I do it?'

also,
- why not setup port forwarding through the firewall instead of having 2 nics and exposing the system?

what is the server doing? file server, web server? (why/how are the users accessing it)
0
 

Author Comment

by:o_b_c
ID: 34971837
Torvir, Great question. So when my internal users can access the server it is set up like this:

NIC1:
IP: LAN.x.x.10
GW: LAN.x.x.1
DNS: LAN.x.x.2

NIC2: Disabled interface

They lose access to it when I remove the GW on NIC1 and enable NIC2.
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 

Author Comment

by:o_b_c
ID: 34972223
JammyPak, A better title is a good point, only I couldn't think of a simple way of summarizing my issue. Do you have a suggestion? Along that some string, do you think this question would be better listed in a different zone?

The server that is functioning is an Exchange server with OWA, the other server is an application server.

I could use port forwarding, I hadn't really considered that option I would need to update my DNS/MX records, inform my virus scan service, and reconfigure my firewall, it could be a bit of work and I’m reluctant to screw with my Exchange server that is working so well. Also I'm not quite sure how the client software for the web application will handle it since I would have two different servers accessing HTTPS port 443. How would the firewall distinguish between the 2?
0
 

Author Comment

by:o_b_c
ID: 34972345
I was just rereading my post and I now realize that it may be a little confusing.

My current Exchange Server has the following Network configuration and is working just fine:

NIC1:
IP: LAN.x.x.10
GW: Blank
DNS: LAN.x.x.2

NIC2:
IP: WAN.x.x.10
GW: WAN.x.x.1
DNS: WAN.x.x.2

My new web application server is only accessible to the internal users when it is set up like this:

NIC1:
IP: LAN.x.x.20
GW: LAN.x.x.1
DNS: LAN.x.x.2

NIC2: Disabled interface

And when I mirror the settings of my Exchange server to try and get the new server to work like my Exchange server does, it breaks and no one can access it. The network config when it is broken looks like this:

NIC1:
IP: LAN.x.x.20
GW: Blank
DNS: LAN.x.x.2

NIC2:
IP: WAN.x.x.20
GW: WAN.x.x.1
DNS: WAN.x.x.2
0
 

Author Comment

by:o_b_c
ID: 34972360
JammyPak, Although port forwarding might be an option, it seems that it should work in the configuration that I'm currently trying to use thought too. Right. or am I confused???
0
 
LVL 5

Accepted Solution

by:
torvir earned 500 total points
ID: 34973813
Yes, it should work if the clients are on the same vlan as the servers.
But when you say it stop working as you take away the gateway on NIC1, I'm sure that you have a persistent route in the old server but not in the new. Copy that too.
If you run "netstat -nr" in the old server and look beneath the routing table you probably see one or more persistent routes.
To implement the same route in the new server you use
route add -p <network> mask <mask> <gateway>
0
 

Author Comment

by:o_b_c
ID: 34974518
Oh, I think you might be on to something. I recall doing this a couple of years ago, let me test it out and I'll report back.
0
 

Author Closing Comment

by:o_b_c
ID: 35059882
Thank you, it worked!!!
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Windows 2003 domain controller crashed BDC is 2008 server 4 77
shadow copies 7 76
File Server Migration from 2003 to 2008R2 3 70
Windows Update Isn't working 41 154
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Are you one of those front-line IT Service Desk staff fielding calls, replying to emails, all-the-while working to resolve end-user technological nightmares? I am! That's why I have put together this brief overview of tools and techniques I use in o…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question