2 network cards

[Sam Johnson]

Hi there,

I am just setting up an ADSL connection on a Win2K
server. Although it is only running SP2. It originally
had a nic on 192.168.10.11 running the LAN. The previous
ISDN router ran on 192.168.10.1 and the new ADSL router
now runs on that same address instead. It is confgied
with NAT to use the static IP for IP routing.

I have added a nic and setup an external IP address on it
with suitable subnet. I have pointed this at the gateway
router which is another static IP very similar. The
correct new ISP DNS are used.

In the DNS service in W2K I have amended it to use the
new ISP ones.

The server at 192.168.10.11 can get broadband internet
access but the workstations can't. However nothing pings
the router except my laptop plugging directly into it's
built in switch. The router is wired to the external IP
nic. The original nic is wired to the switch.

It appears to almost be setup but I could do with the
system to ping properly and the clients to get internet
access. DHCP does seem to work OK.

Any ideas?

Many thanks Sam.

 

[Phillip Windell]

The DSL Router is running NAT and is "serving" the Internet Connection to
the clients. You do not need two nics and any Server unless that Server is
going to replce the DSL Router with itself, or if you intend to create a
Back-to-Back DMZ for specific reasons on purpose. But if you do not want a
Back-to-Back DMZ then the Server would have only one Nic and would be just
another machine on the LAN and not have any role to play concerning the
Internet.

If you want the Server to have two nics and "serve" the Internet Connection
to the clients, then ditch the DSL Router, replace it with a DSL modem (has
no IP#), setup RRAS on the Server to perform NAT.

 

[Dusty Harper {MS}]

Check the following:

1) the clients on the 192.168.10.x network all need a default gateway of
192.168.10.1
2) IP routing needs to be enabled on the W2K box
3) NAT needs to be configured properly on the W2K box
192.168.10.1 interface is private
Internet interface is public
4) The W2K box needs to have a default gateway set to the IP of the ISP's
router
5) Verify filters are not installed on the W2K box. If you do need filters,
troubleshoot your filter rules.


Pub
192.168.10.1
[Client]----------------------[ W2K ]----------------------------------[
ISP ]
192.168.10.x NAT
Prv

 

[Sam Johnson]

Thanks Philip,

So are you saying that really the router box is acting
like another nic as long as it runs NAT? I have seen a
small network run with 2 nics and a router though on W2K
Pro and that ran securely. Would it be secure enough with
just 1 nic?

SO 2 nics in seperate subnets are really totally seperate
then (even in the same machine) and setting up NAT in W2K
not just the router would be required to get them to work?

Many thanks Sam.

-----Original Message-----
The DSL Router is running NAT and is "serving" the Internet Connection to
the clients. You do not need two nics and any Server unless that Server is
going to replce the DSL Router with itself, or if you intend to create a
Back-to-Back DMZ for specific reasons on purpose. But if you do not want a
Back-to-Back DMZ then the Server would have only one Nic and would be just
another machine on the LAN and not have any role to play concerning the
Internet.

If you want the Server to have two nics and "serve" the Internet Connection
to the clients, then ditch the DSL Router, replace it with a DSL modem (has
no IP#), setup RRAS on the Server to perform NAT.

--

Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

Hi there,

I am just setting up an ADSL connection on a Win2K
server. Although it is only running SP2. It originally
had a nic on 192.168.10.11 running the LAN. The previous
ISDN router ran on 192.168.10.1 and the new ADSL router
now runs on that same address instead. It is confgied
with NAT to use the static IP for IP routing.

I have added a nic and setup an external IP address on it
with suitable subnet. I have pointed this at the gateway
router which is another static IP very similar. The
correct new ISP DNS are used.

In the DNS service in W2K I have amended it to use the
new ISP ones.

The server at 192.168.10.11 can get broadband internet
access but the workstations can't. However nothing pings
the router except my laptop plugging directly into it's
built in switch. The router is wired to the external IP
nic. The original nic is wired to the switch.

It appears to almost be setup but I could do with the
system to ping properly and the clients to get internet
access. DHCP does seem to work OK.

Any ideas?

Many thanks Sam.

.

 

[Sam Johnson]

Thanks Dusty,

So you reckon I can do it ok with nics if I configure W2K
as well as the router itself.

Many thanks Sam.

-----Original Message-----
Check the following:

1) the clients on the 192.168.10.x network all need a default gateway of
192.168.10.1
2) IP routing needs to be enabled on the W2K box
3) NAT needs to be configured properly on the W2K box
192.168.10.1 interface is private
Internet interface is public
4) The W2K box needs to have a default gateway set to the IP of the ISP's
router
5) Verify filters are not installed on the W2K box. If you do need filters,
troubleshoot your filter rules.


Pub
192.168.10.1
[Client]----------------------[ W2K ]-------------------- --------------[
ISP ]
192.168.10.x NAT
Prv
--
--
Dusty Harper
Microsoft Corporation
--------------------------------------------------------- -------------------
This posting is provided "AS IS", with NO warranties and confers NO rights
--------------------------------------------------------- -------------------

Hi there,

I am just setting up an ADSL connection on a Win2K
server. Although it is only running SP2. It originally
had a nic on 192.168.10.11 running the LAN. The previous
ISDN router ran on 192.168.10.1 and the new ADSL router
now runs on that same address instead. It is confgied
with NAT to use the static IP for IP routing.

I have added a nic and setup an external IP address on it
with suitable subnet. I have pointed this at the gateway
router which is another static IP very similar. The
correct new ISP DNS are used.

In the DNS service in W2K I have amended it to use the
new ISP ones.

The server at 192.168.10.11 can get broadband internet
access but the workstations can't. However nothing pings
the router except my laptop plugging directly into it's
built in switch. The router is wired to the external IP
nic. The original nic is wired to the switch.

It appears to almost be setup but I could do with the
system to ping properly and the clients to get internet
access. DHCP does seem to work OK.

Any ideas?

Many thanks Sam.

.

 

[Phillip Windell]

So are you saying that really the router box is acting
like another nic as long as it runs NAT? I have seen a
small network run with 2 nics and a router though on W2K
Pro and that ran securely. Would it be secure enough with
just 1 nic?

You have to keep in mind that there are several "models" for doing this that
represent different topologies. If we aren't "on the same page" speaking
about the same thing at the same time there will be endless confusion on
this. You can not "mix & match" the design methods,..you have to know "what"
you want and "why",..and then stick with that method.

There are three models described below. I am recommending #1 or #2. I don't
believe Model #3 is suitable for someone unless they fully understand how
such a model behaves and how to deal with it.


Model #1 DSL/Cable Router only
<LAN machines with single nics, including the Server>
|
<DSL/Cable Router with internal and external interfaces>
|
<Internet>

Model #2 Windows Server with DSL/Cable Modem (not router)
<LAN machines with single nics>
|
<Windows Server, 2 Nics, Running RRAS NAT>
|
<DSL/Cable Modem, has *no* IP#s>
|
<Internet>

Model #3 Back-to-Back DMZ with Win Server & Router Combo
<LAN machines with single nics>
|
<Windows Server, 2 Nics, Running RRAS NAT>
|
(DMZ between Server and DSL/Cable router)
|
<DSL/Cable Router with internal and external interfaces>
|
<Internet>

In Model #1 the Windows Server has only one Nic and plays no role in the
Internet access at all.
In Model #2 the Windows Server has two Nics, one with a Private Address
(LAN) and the other Public that is assigned by the ISP.
In Model #3 the Windows Server has two Nics, both with a Private Address but
each from different subnets (one LAN, one DMZ). The DSL/Cable Router has two
interfaces, one Private (DMZ) facing the Windows Server and other interface
is Public and is facing the ISP.

--

Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

SO 2 nics in seperate subnets are really totally seperate
then (even in the same machine) and setting up NAT in W2K
not just the router would be required to get them to work?

Many thanks Sam.

-----Original Message-----
The DSL Router is running NAT and is "serving" the Internet Connection to
the clients. You do not need two nics and any Server unless that Server is
going to replce the DSL Router with itself, or if you intend to create a
Back-to-Back DMZ for specific reasons on purpose. But if you do not want a
Back-to-Back DMZ then the Server would have only one Nic and would be just
another machine on the LAN and not have any role to play concerning the
Internet.

If you want the Server to have two nics and "serve" the Internet Connection
to the clients, then ditch the DSL Router, replace it with a DSL modem (has
no IP#), setup RRAS on the Server to perform NAT.

--

Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

Hi there,

I am just setting up an ADSL connection on a Win2K
server. Although it is only running SP2. It originally
had a nic on 192.168.10.11 running the LAN. The previous
ISDN router ran on 192.168.10.1 and the new ADSL router
now runs on that same address instead. It is confgied
with NAT to use the static IP for IP routing.

I have added a nic and setup an external IP address on it
with suitable subnet. I have pointed this at the gateway
router which is another static IP very similar. The
correct new ISP DNS are used.

In the DNS service in W2K I have amended it to use the
new ISP ones.

The server at 192.168.10.11 can get broadband internet
access but the workstations can't. However nothing pings
the router except my laptop plugging directly into it's
built in switch. The router is wired to the external IP
nic. The original nic is wired to the switch.

It appears to almost be setup but I could do with the
system to ping properly and the clients to get internet
access. DHCP does seem to work OK.

Any ideas?

Many thanks Sam.

.

 

[Sam Johnson]

Yes I see what you mean Philip,

Thank you for your help.

Sam.

-----Original Message-----


You have to keep in mind that there are several "models" for doing this that
represent different topologies. If we aren't "on the same page" speaking
about the same thing at the same time there will be endless confusion on
this. You can not "mix & match" the design methods,..you have to know "what"
you want and "why",..and then stick with that method.

There are three models described below. I am

recommending #1 or #2. I don't

believe Model #3 is suitable for someone unless they fully understand how
such a model behaves and how to deal with it.


Model #1 DSL/Cable Router only
<LAN machines with single nics, including the Server>
|
<DSL/Cable Router with internal and external interfaces>
|
<Internet>

Model #2 Windows Server with DSL/Cable Modem (not router)
<LAN machines with single nics>
|
<Windows Server, 2 Nics, Running RRAS NAT>
|
<DSL/Cable Modem, has *no* IP#s>
|
<Internet>

Model #3 Back-to-Back DMZ with Win Server & Router Combo
<LAN machines with single nics>
|
<Windows Server, 2 Nics, Running RRAS NAT>
|
(DMZ between Server and DSL/Cable router)
|
<DSL/Cable Router with internal and external interfaces>
|
<Internet>

In Model #1 the Windows Server has only one Nic and plays no role in the
Internet access at all.
In Model #2 the Windows Server has two Nics, one with a Private Address
(LAN) and the other Public that is assigned by the ISP.
In Model #3 the Windows Server has two Nics, both with a Private Address but
each from different subnets (one LAN, one DMZ). The DSL/Cable Router has two
interfaces, one Private (DMZ) facing the Windows Server and other interface
is Public and is facing the ISP.

--

Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

SO 2 nics in seperate subnets are really totally seperate
then (even in the same machine) and setting up NAT in W2K
not just the router would be required to get them to work?

Many thanks Sam.

-----Original Message-----
The DSL Router is running NAT and is "serving" the Internet Connection to
the clients. You do not need two nics and any Server unless that Server is
going to replce the DSL Router with itself, or if you intend to create a
Back-to-Back DMZ for specific reasons on purpose. But if you do not want a
Back-to-Back DMZ then the Server would have only one

Nic
and would be just

another machine on the LAN and not have any role to

play
concerning the

Internet.

If you want the Server to have two nics and "serve"

the
Internet Connection

to the clients, then ditch the DSL Router, replace it with a DSL modem (has
no IP#), setup RRAS on the Server to perform NAT.

--

Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com


Hi there,

I am just setting up an ADSL connection on a Win2K
server. Although it is only running SP2. It originally
had a nic on 192.168.10.11 running the LAN. The previous
ISDN router ran on 192.168.10.1 and the new ADSL router
now runs on that same address instead. It is confgied
with NAT to use the static IP for IP routing.

I have added a nic and setup an external IP address

on
it

with suitable subnet. I have pointed this at the gateway
router which is another static IP very similar. The
correct new ISP DNS are used.

In the DNS service in W2K I have amended it to use the
new ISP ones.

The server at 192.168.10.11 can get broadband internet
access but the workstations can't. However nothing pings
the router except my laptop plugging directly into it's
built in switch. The router is wired to the external IP
nic. The original nic is wired to the switch.

It appears to almost be setup but I could do with the
system to ping properly and the clients to get internet
access. DHCP does seem to work OK.

Any ideas?

Many thanks Sam.


.

.