How do i setup server 2003 with two nics to distribute internet?

Posted on 2011-05-03
Last Modified: 2012-05-11
I am currently trying to connect my network at work to the internet. I have a 2 nic server with 2003 installed with an internet line coming into nic A (tested and works)and i have set the ip/dns on that nic to what my isp provided. The second nic (nic B) is going to a switch and the switch is set to passthrough. I am trying to use the server as the dhcp aswell. The dhcp subent scope is set to  I am setting the servers ip as and subnet of, as for the other settings i have no idea what to set. So far i have internal access to file servers and can ping within the subnet. All the computers are obtaining addresses automaticly. Can anyone help guide me out of this mess? I have attempted routing and remote access and some settings in the dns snap in with no success. please feel free to ask for more information.
Question by:2sq
    LVL 14

    Expert Comment

    by:Juan Ocasio
    Why are you using 2 nics on the server?  Are you using ISA Server as your firewall and/or proxy?  If not you should just allow your users access to the internet via your router (default gateway).

    Author Comment

    Unfortunetly, i will need to use this server as the firewall. Our internet comes in over a radio so i have no router coming from outside, just a power over ethernet device attached to the radio.
    LVL 4

    Expert Comment

    You have to open routing and remote acces. and configure rras for routing mode.
    You then can select the wan and lan connection. and make a rras configuration.

    After that
    Be sure that you setup dhcp and dns on the server DHCP needs the dns and router option to point to the server.
    DNS needs the forwarder tot the internet dns servers!!!

    When you're done configuring you can test from cmd with: route print
    if the route points to the internet interface.
    LVL 29

    Accepted Solution

    Don't involve the RRAS box with DNS, WINS or DHCP.  The RRAS box should be completely agnostic to those services.  DNS, DHCP, and WINS should run on the DC and since a DC is never supposed to be multi-homed the RRAS box should never be a Domain Controller.

    On the Nic config of the RRAS box do this:

    Internal facing Nic:
    IP: LAN IP the machine should have
    Default Gateway:  blank
    DNS: IP of the DC
    WINS: ip of DC (optional)

    External facing Nic
    IP: External IP from ISP
    Default Gateway: IP specified by the ISP
    DNS: blank
    WINS: blank

    Set internal facing Nic to the top of the binding order
    Set internal facing nic to allow to register itself in DNS
    Set external facing Nic to NOT register itself in DNS

    After all these things are correct,..then run the Config Wizard to configure the RRAS box as a NAT Firewall (a NAT Router)
    Then use the IP# of the RRAS box as the Default Gateway for everything on the LAN.
    LVL 4

    Expert Comment

    It's true but for example if you have a sbs 2003 you also have rras and ad on one physical server.
    So in this case i think it can't hurt anything.
    LVL 29

    Expert Comment

    Yes,...but only with SBS.  SBS is a special situation that has had a whole crew of geeks go through all kinds of special engineering to get everything to work correctly in SBS.  It must be done through the SBS Config Wizards,...doing it manually outside of the Wizards almost always ends up in a disaster.  

    So SBS should never be used as an excuse to take a regular Server2003 and try to manually duplicate what SBS does.  I'm not saying you are doing that,...but I have run into people thinking that from time to time and this needs to be clarified and warned against.
    LVL 29

    Expert Comment

    Looking back at the original post, there is no indication that this is an SBS situation.
    LVL 4

    Expert Comment

    Youre right

    Featured Post

    Highfive Gives IT Their Time Back

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Join & Write a Comment

    Join Greg Farro and Ethan Banks from Packet Pushers ( and Greg Ross from Paessler ( for a discussion about smart network …
    David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    746 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    13 Experts available now in Live!

    Get 1:1 Help Now