[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now


How do i setup server 2003 with two nics to distribute internet?

Posted on 2011-05-03
Medium Priority
Last Modified: 2012-05-11
I am currently trying to connect my network at work to the internet. I have a 2 nic server with 2003 installed with an internet line coming into nic A (tested and works)and i have set the ip/dns on that nic to what my isp provided. The second nic (nic B) is going to a switch and the switch is set to passthrough. I am trying to use the server as the dhcp aswell. The dhcp subent scope is set to  I am setting the servers ip as and subnet of, as for the other settings i have no idea what to set. So far i have internal access to file servers and can ping within the subnet. All the computers are obtaining addresses automaticly. Can anyone help guide me out of this mess? I have attempted routing and remote access and some settings in the dns snap in with no success. please feel free to ask for more information.
Question by:2sq
LVL 15

Expert Comment

by:Juan Ocasio
ID: 35514536
Why are you using 2 nics on the server?  Are you using ISA Server as your firewall and/or proxy?  If not you should just allow your users access to the internet via your router (default gateway).

Author Comment

ID: 35514855
Unfortunetly, i will need to use this server as the firewall. Our internet comes in over a radio so i have no router coming from outside, just a power over ethernet device attached to the radio.

Expert Comment

ID: 35515209
You have to open routing and remote acces. and configure rras for routing mode.
You then can select the wan and lan connection. and make a rras configuration.

After that
Be sure that you setup dhcp and dns on the server DHCP needs the dns and router option to point to the server.
DNS needs the forwarder tot the internet dns servers!!!

When you're done configuring you can test from cmd with: route print
if the route points to the internet interface.
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

LVL 29

Accepted Solution

pwindell earned 2000 total points
ID: 35515462
Don't involve the RRAS box with DNS, WINS or DHCP.  The RRAS box should be completely agnostic to those services.  DNS, DHCP, and WINS should run on the DC and since a DC is never supposed to be multi-homed the RRAS box should never be a Domain Controller.

On the Nic config of the RRAS box do this:

Internal facing Nic:
IP: LAN IP the machine should have
Default Gateway:  blank
DNS: IP of the DC
WINS: ip of DC (optional)

External facing Nic
IP: External IP from ISP
Default Gateway: IP specified by the ISP
DNS: blank
WINS: blank

Set internal facing Nic to the top of the binding order
Set internal facing nic to allow to register itself in DNS
Set external facing Nic to NOT register itself in DNS

After all these things are correct,..then run the Config Wizard to configure the RRAS box as a NAT Firewall (a NAT Router)
Then use the IP# of the RRAS box as the Default Gateway for everything on the LAN.

Expert Comment

ID: 35515499
It's true but for example if you have a sbs 2003 you also have rras and ad on one physical server.
So in this case i think it can't hurt anything.
LVL 29

Expert Comment

ID: 35515535
Yes,...but only with SBS.  SBS is a special situation that has had a whole crew of geeks go through all kinds of special engineering to get everything to work correctly in SBS.  It must be done through the SBS Config Wizards,...doing it manually outside of the Wizards almost always ends up in a disaster.  

So SBS should never be used as an excuse to take a regular Server2003 and try to manually duplicate what SBS does.  I'm not saying you are doing that,...but I have run into people thinking that from time to time and this needs to be clarified and warned against.
LVL 29

Expert Comment

ID: 35515562
Looking back at the original post, there is no indication that this is an SBS situation.

Expert Comment

ID: 35515620
Youre right

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question