[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

Accessing two subnets with two NICS

Posted on 2013-12-28
4
Medium Priority
?
230 Views
Last Modified: 2014-01-06
Hello Experts,

1. I have Internet coming into my workgroup on 192.168.0.x network
2. I have installed a firewall (WAN 192.168.0.x and LAN 192.168.3.x)

I have a computer that I want to be behind the firewall (192.168.3.x) and upstream of the firewall (192.168.0.x). I will use two separate Network Interface cards in this computer to accomplish this.

NIC1. 192.168.0.x DHCP (Live to Internet upstream of firewall)
NIC 2 192.168.3.5 (Live to Internet on firewall Internal LAN)

The reason being that this network is in a remote location. I want to be able to log in remotely to check firewall settings (even if the firewall is not getting a WAN signal for some reason)

My question:

I want to make sure I am not creating any networking or security issues by doing this.

Isn't this basically Network Address Translation on this computer ?

Can anyone clarify this for me?

Thanks!
0
Comment
Question by:Saxitalis
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 6

Accepted Solution

by:
Brad Held earned 2000 total points
ID: 39743813
This will be a security risk because the computer is In front of the firewall and behind it which means that the firewall does not have to be compromised just the computer. If the computer gets compromised then everything behind the firewall can be compromised.

Basically Natting is the process of taking one address and translating to another.
So if the isp hands your router a public ip 65.10.15.20 for the public interface and your network is a private IP range 192.168.x.x - As traffic leaves your local network to the internet the header is changed to show the source of the public address given by the isp. This is natting.
0
 

Author Comment

by:Saxitalis
ID: 39743824
Hmm OK,

So I could greatly reduce the security risk By disabling the NIC to the firewall LAN (192.168.3.x) and only enabling it on occasion when I might need it right?
0
 
LVL 6

Expert Comment

by:Brad Held
ID: 39743840
Generally speaking I would not think you would need that as anything in the dmz zone 192.168.3.x network should be accessible through the firewall but for resiliency and emergencies yeah you could enable it only when needed
0
 

Author Closing Comment

by:Saxitalis
ID: 39760571
Thanks
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A brief overview to explain gateways, default gateways and static routes OR NO - you CANNOT have two default gateways on the same server, PC or other Windows-based network device. In simple terms a gateway is formed when a computer such as a serv…
Greetings, Experts! First let me state that this website is top notch. I thoroughly enjoy the community that is shared here; those seeking help and those willing to sacrifice their time to help. It is fantastic. I am writing this article at th…
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question