Configuration of a web server with two NICs

Posted on 2011-05-09
Last Modified: 2012-05-11

I have this situation:

I have one web server, with Windows 2008 server hosting my web site. This server is connected with one NIC to a ADSL router and with the other to LAN (with firewall).

On the 'external' NIC I have this IP vaules:

DNS Server:

On the 'internal' NIC (the one that leads to a supposed LAN trhough a firewall) :

DNS Server:

This configuration works properly to serve website to external petitions almost 90% of the time. But sometimes the server doesn't do his job: clients can't access to IIS and I have to disable 'internal' connection. This solves the problem, because instantly website is served again.

I undestand that there is some missconfiguration with the routing, but I can't find the error. Can anyone tell me some clues?

Thanks a lot and kind regards.
Question by:starbase2
    LVL 38

    Expert Comment

    by:Aaron Tomosky
    You internal has the ip of the external as it's gateway? This is not how I would normally set this up. I don't see the point of even having two nics with this config. What exactly are you trying to accomplish here? Any reason not to just have one nic on the LAN and forward port 80 to it?
    LVL 59

    Expert Comment

    by:Darius Ghassem
    Go to your network card bindings make sure your external NIC is listed first.

    You shouldn't need to have the DNS server in internal network configuration
    LVL 41

    Expert Comment

    You need to remove the gateway from the internal NIC and add static routes to the inside network as necessary. You didn't include subnet masks, but it also looks like the router on the internal NIC may not be on the same IP subnet as your NIC interface, depending on you subnet mask and whether or not you correctly posted the IP addresses.  

    To add a static route under Windows, look at "route /?" From command prompt.
    LVL 6

    Accepted Solution

    add static routes in the machine

    the machine needs a route to forwards packets to internal client without ambiguity do

    route add mask metric 1 -p

    and to force the machine sending all trafic not destined to you r internal network do

    route add mask metric 1 -p

    its necessary to make these routes persistante with  -p .

    also change the card binding  in Network and sharing Center > change adapter Settings > in the menu , Advanced setting > advanced .

    remove the gateway from the Internal nic

    in the other hand consider removing the second nic and working with One nic . it will be easier and cleaner architecture .

    Featured Post

    Highfive + Dolby Voice = No More Audio Complaints!

    Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

    Join & Write a Comment

    When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
    The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
    This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
    This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …

    732 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now