<div>
Well, you just need 2 NICs on the server.<br />
one connected to the regular network and other to the other one.<br />
<br />
the only difference would be that you have one IP manually with default gateway set and another one with no default gateway.<br />
since they will be connecting using the internal IP and the VPN will manage it with the firewall using internal address because the external address will be on the firewall (the public one).
</div>


<div>
Ok, the NIC connected to the shared office network would be the one without a default gateway (just a static ip with a subnet mask)? or can it be either card that is set that way?
</div>


<div>
<blockquote>
Is it possible to have multiple ip/gateway combinations on a computer?
</blockquote>
<br />
You cannot have multiple IPs and default gateways. &nbsp;While you didn't call out a DEFAULT gateway in that question, it did seem implied.<br />
<br />
You can have two NICs, or even assign multiple IP addresses to one NIC. &nbsp;And you'd be able to access both local networks directly. &nbsp;For VPN, as long as ONE of the two NICs can access the internet and that gateway device is configured to handle/forward the VPN traffic, you'd be good. &nbsp;That gateway would also be responsible for any outbound IP traffic though (updates, etc)<br />
<br />
I'm gonna go out on a limb and guess that you are stuck because the above is not the behavior you want though. &nbsp;As, in itself, that doesn't seem too complicated. &nbsp; What behavior you do want, however, was not fully described. &nbsp;If you have a more complex topology than you've described then the solution may also be more complex.<br />
<br />
---<br />
<br />
With that said, I've done a lot of &quot;shared office&quot; where two companies are leasing the same space. &nbsp;For a variety of reasons, that does not mean they should share the same wired or wireless network though. &nbsp;Too many things can go wrong with rogue DHCP servers, each wanting their own domain controllers, etc. &nbsp;Even in &nbsp;a shared space, keeping networks separate is relatively trivial and is a low-cost low-effort investment to keep any security, legal, and ethical issues at bay that can arise on a shared infrastructure. &nbsp;Making this change now could completely alleviate the problem.
</div>


Software Engineer

noci

David Barman

<div>
I agree that total separate networks would make my job easier. &nbsp;However, by doing so, I would remove their access to the office wifi as well as access to the office copier for large print jobs, etc.<br />
<br />
So that is why I am forced to have both networks on the same subnet. &nbsp;I will have to rely on the shared network for DHCP and treat our server as a workgroup server. &nbsp;I don't see another option. &nbsp;So with this in mind, I believe my only issue will be remote access to the server. &nbsp;From what I can see, I would either need a dedicated internet connection or if the shared office internet has a free static ip, &nbsp;I may be able to connect a firewall to that for public access.<br />
<br />
Thoughts?
</div>


<div>
Having designed a fair number of these, separating networks, even with whared resources, is fairly straightforward. CompanyA has a switch that they manage. Company has a switch that they manage. &nbsp;And there is a third (usually small), managed switch that is managed by a neutral third party. &nbsp;That switch has a port for the CompanyA VLAN going to their switch. A different port for CompanyB. And trunk ports for shared resources (such as a copier and access points.<br />
<br />
Any business device in the last 10 years supports VLANs so the copier would be accessibke from both. And each company could have their own SSID on the access points, but the actual networks remain separate (nothing send in companyA wifi goes to company's network and vice versa, as even the WAP will honor rebroadcasting.)<br />
<br />
Maintaining good network posture in shared spaces is still very easy to do and is the better solution. And yes, would fully work with two ISP's (which I'd also recommend.)
</div>


<div>
I agree with you Cliff. &nbsp;However, at this point I have no knowledge of how the share space is setup and gaining access to that information at this point in time is not possible. &nbsp;Therefore, I am trying to implement a scenario that I know will work without relying on any specifics of the shared office network. &nbsp;Given that, if I simply add the second network card and tie a firewall to a separate internet connection, that should give me local as well as remote access to the server? Or am I missing something?
</div>


Drawing1.png

<div>
&quot;Therefore, I am trying to implement a scenario that I know will work without relying on any specifics of the shared office network.&quot;<br />
<br />
Without specifics of the network, logical or physical, I can't gaurantee ANY topology. Or even say with mild confidence. There are other things at play that could totally break any design you try to do. &nbsp;That&quot; without any specifics&quot; is basically a black box and turns any attempt to design... Or recommend...into &quot;garbage on, garbage out.&quot; There are just too many factors that could maneka good design go bad.
</div>


<div>
i have a similar scenario with 2 ISP's and 2 servers. there are 2 subnets and all computers of the network have two NIC's where only one is configured for internet and the other for internal LAN services only. <br />
<br />
Sara
</div>


<div>
If I am understanding the question correctly, the separate network would only come into play in the event you had to drop in a second Inet connection? &nbsp;In other words, you want to put a server on an internal network that is shared. &nbsp;The fact that everyone on the internal network can see it isn't a problem for your customer. &nbsp;They want to be able to connect to it remotely. &nbsp;This is the actual problem?<br />
<br />
If that understanding is correct then why not just place a firewall at the edge that is SSL-VPN capable, authenticate any VPN connection attempts against your internal authentication server(s) and then call it good? &nbsp;Maybe you have to introduce a RADIUSauth device if you want to get really crazy with the auth/permissions?
</div>


<div>
atlas_shuddered: &quot;place a firewall at the edge&quot;?? Not sure what you mean.
</div>


<div>
I am assuming that you already have a firewall between your network and the outside world, &quot;at the edge&quot; of your network?<br />
<br />
Just make sure that either it has SSL VPN capability or purchase a firewall that does.<br />
<br />
The dual LAN'ing thing can be done but I can give you a definite promise that the headaches you will buy yourself unnecessarily will haunt you for far longer than you will desire.
</div>


<div>
<div class="content wysiwyg-content">
Is it possible to have multiple ip/gateway combinations on a computer? &nbsp;I have scenario where a customer resides in a &quot;shared&quot; office space. They would like to install their own server. &nbsp;The addition of the server is not a real issue, I can install it on the same subnet as the existing network that is available to the shared office space, both wired and wireless. &nbsp;However, they would also like VPN access to the server remotely. That is where I am not sure how to proceed. &nbsp;Even if I acquire a separate internet connection and firewall and connect it to the server, how do I make the server able to be connected to both networks simultaneously so they can access it remotely via the separate internet connection/firewall combination and also be connected to the share office subnet (when onsite) so they can have wifi or wired access to the server as well as being able to access the shared printers that are available on the shared office space network.<br />
<br />
Any insight would be appreciated.
</div>
</div>


Is it possible to have multiple ip/gateway combinations on a computer?  I have scenario where a customer resides in a "shared" office space. They would like to install their own server.  The addition of the server is not a real issue, I can install it on the same subnet as the existing network that is available to the shared office space, both wired and wireless.  However, they would also like VPN access to the server remotely. That is where I am not sure how to proceed.  Even if I acquire a separate internet connection and firewall and connect it to the server, how do I make the server able to be connected to both networks simultaneously so they can access it remotely via the separate internet connection/firewall combination and also be connected to the share office subnet (when onsite) so they can have wifi or wired access to the server as well as being able to access the shared printers that are available on the shared office space network.

Any insight would be appreciated.

Connecting a server to two networks simultaneously

Windows 10 is a personal computer operating system featuring the "universal application architecture" (UAP); apps can be designed to run across multiple devices with nearly identical code, including PCs, tablets, smartphones, embedded systems, Xbox One, Surface Hub and HoloLens. Windows 10 also includes a virtual desktop system, a window and desktop management feature called Task View, the Microsoft Edge web browser, support for fingerprint and face recognition login, voice-based search (Cortana), new security features for enterprise environments, and DirectX 12 and WDDM 2.0 to improve the operating system's graphics capabilities for games.

Windows 10

Windows Server 2016 is the successor to Windows Server 2012 R2. Built upon the same core code as Windows 10, Windows Server 2016 brings enhancements in security, servicing, and connectivity. A particular focus on this release was hybrid-cloud scenarios, and has close ties to Azure and other Microsoft cloud initiatives. This does not detract from the many improvements that are available for on-premises-only deployments

Windows Server 2016 comes in Datacenter, Standard, and Essentials editions, and for servicing, has adopted windows 10's cumulative model. The new nano-server install is designed to be remotely managed and is designed to be kept current through continuous feature updates. The full GUI install operates similarly to windows 10's "Long Term Servicing Branch" (LTSB) model with cumulative security updates.

Windows Server 2016 has also shifted from a per-processor-and-CAL licensing model to a per-core-and CAL licensing model. This brings Windows Server's licensing more in line with Microsoft's other products and makes hybrid-cloud license planning easier as well.

Windows Server 2016

Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.

Hardware Firewalls

Installation is the act of making a computer program program ready for execution. Because the process varies programs often come with a specialized program responsible for doing whatever is needed for their installation. Installation may be part of a larger software deployment process. Cross platform installer builders that produce installers for Windows, Mac OS X and Linux include InstallAnywhere, InstallBuilder and Install4J. Installers for Microsoft Windows include Windows Installer, InstallShield, and Wise Installation Studio; free installer-authoring tools include NSIS, IzPack, Clickteam, InnoSetup, InstallSimple and WiX. Mac OS X includes Installer, and also includes a separate software updating application.

Installation

Networking is the process of connecting computing devices, peripherals and terminals together through a system that uses wiring, cabling or radio waves that enable their users to communicate, share information and interact over distances. Often associated are issues regarding operating systems, hardware and equipment, cloud and virtual networking, protocols, architecture, storage and management.