Using Windows Firewall to separate 2 networks on PC with dual NICs?

Posted on 2016-10-27
Medium Priority
Last Modified: 2016-10-31
I have a PC that needs access to our production network as well as a separate network in a meeting room. The production network uses the 172.20.xxx.xxx IP schema and the other 192.168.xxx.xxx. The meeting room network is just a simple cable modem open to the Internet with only the router's built-in firewall turned on. The production network is behind a Cisco ASA.

If I set 1 NIC up on the prod network and the other on the meeting room network, can I use Windows Firewall to keep the traffic from the meeting room network from accessing the production network with only a few exceptions for the 1 or 2 applications I need? If so, how?
Question by:coptechs
LVL 61

Expert Comment

by:Cliff Galiher
ID: 41863090
Windows will not route traffic between either network by default. That actually takes active configuration. And that means Windows Server and honestly, Windows isn't a great router (and is an expensive use of a Windows Server license).

Author Comment

ID: 41863181
The machine has Windows 7 and my concern is someone connected to the meeting room network having the ability to get onto the production network. I'm not using the Windows machine as a router.
LVL 61

Accepted Solution

Cliff Galiher earned 2000 total points
ID: 41863183
Unless they exploit an unpatched vulnerability in the OS, the two networks will not see each other through that machine. They will be separate.
LVL 59

Expert Comment

ID: 41863611
What would make it pretty would be to use different network profiles (talking about "public" vs. "domain" vs. "private") for the different NICs. That would enable you to simply use two firewall rulesets (for example one for profile domain and one for profile public) that allow different things. We did that once and it just worked.
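
The two points made in the answers above (Windows does not forward between NICs unless it is configured to, and each NIC can sit in its own firewall profile with its own ruleset) can be checked and applied with the tools built into Windows 7. This is an added example, not part of the original thread; the connection names, the /16 mask, the profile choice, the application path and the rule name are assumptions.

```powershell
# Added example, run from an elevated prompt. Names, masks and paths below are
# assumptions for illustration, not values from the thread.
$Nics        = 'Production', 'MeetingRoom'   # hypothetical connection names
$ProdSubnet  = '172.20.0.0/16'               # /16 mask is assumed
$ProdProfile = 'domain'                      # use 'private' if the PC is not domain-joined
$AppPath     = 'C:\ExampleApp\app.exe'       # placeholder for the application to allow
$problems    = @()

# 1. Global switch: IPEnableRouter=1 makes the TCP/IP stack forward between NICs.
$key = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters'
$val = (Get-ItemProperty -Path $key -ErrorAction SilentlyContinue).IPEnableRouter
if ($val -eq 1) { $problems += 'IPEnableRouter is 1' }

# 2. Services that join networks: Routing and Remote Access, Internet Connection Sharing.
foreach ($name in 'RemoteAccess', 'SharedAccess') {
    $svc = Get-Service -Name $name -ErrorAction SilentlyContinue
    if ($svc -and $svc.Status -eq 'Running') { $problems += "Service $name is running" }
}

# 3. Per-interface forwarding flag (parses English-language netsh output).
foreach ($nic in $Nics) {
    $line = netsh interface ipv4 show interface $nic |
        Select-String '^Forwarding\s*:\s*(\S+)' | Select-Object -First 1
    if (-not $line) { $problems += "Could not read forwarding state for '$nic'" }
    elseif ($line.Matches[0].Groups[1].Value -ne 'disabled') {
        $problems += "Forwarding is enabled on '$nic'"
    }
}

if ($problems) {
    # Stop here: fix the routing findings before relying on firewall rules.
    $problems | ForEach-Object { Write-Warning $_ }
} else {
    # 4. Separate rulesets per profile: the meeting-room NIC stays in 'public' with
    #    unsolicited inbound blocked; the exception exists only in the production
    #    profile and only for sources inside the production subnet.
    netsh advfirewall set publicprofile state on
    netsh advfirewall set publicprofile firewallpolicy 'blockinbound,allowoutbound'
    netsh advfirewall firewall add rule name=ExampleApp-ProdOnly dir=in action=allow `
        "program=$AppPath" "profile=$ProdProfile" "remoteip=$ProdSubnet"
    netsh advfirewall show currentprofile   # lists the profiles active right now
}
```

Existing allow rules that already apply to the public profile remain in effect, so review them with `netsh advfirewall firewall show rule name=all` after the change.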

Author Closing Comment

ID: 41867519
Thank you.
