Solved

How do I specify which IP address to use for my server 2012?

Posted on 2014-03-26
9
249 Views
Last Modified: 2014-05-15
Hi.  I have a Windows Server 2012 Standard edition box that hosts multiple websites.  So, the NIC card in it has been assigned multiple IP addresses.  When I do a whoami on the internet (www.hashemian.com/whoami), it comes back with the lowest numerical IP address assigned to that NIC.  However, the main IP address specified on the IPv4 properties screen is different (a higher numbered IP).  Is there a way to specify that I want the server to come across as that higher IP as opposed to the lowest one in the list?

Your help is appreciated!
0
Comment
Question by:IT_Girl2
  • 4
  • 3
  • 2
9 Comments
 
LVL 9

Expert Comment

by:rfportilla
ID: 39957769
I'm not sure why this is important.  The response that you are getting from whoami is based on the IP address used for outgoing traffic.  

In Network Connections, (Control Panel->Network and Internet->View Network Status and tasks and click "Network Connections" on the left) if you right-click the adapter that has the ip addresses and modify the IPV4 settings, there is an advanced option to enter the ip addresses.  I believe putting the preferred IP first will change the default for outgoing traffic.
0
 
LVL 76

Expert Comment

by:arnold
ID: 39957970
Do you have your system directly exposed to the Internet versus being behind a firewall that can be configured to alter the outgoing IP based on a service.

For web sites, you would assign an IP to the site such that requests to it and response will use that IP.  Outgoing traffic alway goes by the primary IP set in the general TCP/IP protocol settings.
0
 
LVL 9

Expert Comment

by:rfportilla
ID: 39958976
Yep, I agree with Arnold. I'm confused as to what the end goal here is.  If you are concerned with the web sites, the IP that the web site responds on is set in the web configuration.  If you are concerned with outgoing traffic initiated on that server (like going to a web site such as whatismyip.com), then you can take a look at my instructions above.  However, if this server is not directly connected to the Internet and there is a router (more specifically a NAT), then the IP address that is visible from the whoami page is going to be set on that router, not on your server.  

I'm sorry, but i don't know what your technical expertise is.  If this is too basic or complicated, let me know and I can adjust.  

Thanks.  Hope this helps.
0
 

Author Comment

by:IT_Girl2
ID: 39962393
Thanks for your replies.  This webserver is in our DMZ with a publicly accessible IP (no NAT).  We are trying to have email automatically sent from the websites that are hosted on this server using our internal Microsoft Exchange server as a relay (specified as the smarthost).  We were trying to allow traffic from the IP that is specified on the main IPv4 config page (xxx.xxx.xxx.202) to the exchange box (10.xxx.xxx.165), but it wasn't working and we couldn't figure out why.  Once we did a whoami on the internet from the website, and it came back (xxx.xxx.xxx.201), we put that as the ip in the firewall to the exchange box and it works!  However, we don't want to use .201... that is a website that hosts a portal to view personally identifiable information.  We would rather use .202 which is not associated with any PII at all.  Does that make sense?
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 76

Expert Comment

by:arnold
ID: 39962643
which firewall do you use?  IT has a port forwarding rule dealing with where to direct inbound connections on port 25.  There is usually an outgoing rule where you can map 10.xxx.xxx.165 port 25 will always go out via xxx.xxx.xxx.202for example.
Then you would alter the port forward from xx.xxx.xx.201 25  to 202 port 25 to go to 10.xx.xx.165

You can do IP based or post based policy routing.
0
 
LVL 9

Expert Comment

by:rfportilla
ID: 39963870
I think you need to check the mail server settings on your web servers.  In order to send out mail it has to be configured.  In that configuration there will be an option to specify which IP to use.  This is the best way.
0
 
LVL 76

Expert Comment

by:arnold
ID: 39963927
The issue is that the setup is NAT. The systems have private IPs 10.x.x.x

The firewall rules need to worked on the outgoing side which map an internal address or internal address/port to an external IP.
0
 

Author Comment

by:IT_Girl2
ID: 39966743
I have added the proper additions to the Exchange server (I added .202 first, and then .201 after I discovered that's the IP the server was using).  Like I said, it's working now that I've allowed .201 through the firewall.  The firewall doesn't use NAT between the DMZ and internal network.  I just need to know if there is a way to change what IP the SMTP virtual server is using from .201 to .202.  I don't see where you can specify it.
0
 
LVL 9

Accepted Solution

by:
rfportilla earned 500 total points
ID: 39966778
Now that we have gotten down to the real issue, I think this is relevant.  

http://www.expta.com/2011/05/how-to-specify-which-ip-address-to-use.html

Once you change the order of the IP addresses, the first one should be the "preferred" IP.  You may need to restart some services or the Exchange server to get it to accept it.  However, the link above allows you to be more explicit if you need more complex configuration or if reordering is still not working.  

Please let us know how it goes or if you have any issues.
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Have you ever stumbled upon a software that is so great that you just love? It happened to me. Love at first sight. Filezilla Server.   Ok its not the most advanced ftp server I've came across. But its a fairly simple piece of software to get the …
This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now