Active directory Question - Splitting a LAN in 2 segments with 1

[Guest]

Actual Configuration: W2K Server with 2 NIC's with IP's in the same segment
i.e. 192.168.1.6 and 192.168.1.7. Netmask: 255.255.255.0 for both NIC's

I'm trying to install Active directory, and found that there's and issue
when using 2 NIC's on the same server. I need to keep my 2 LAN's from seeing
each other for security reasons and yet access the same server for AD deploy.
I've read some about subnet masks, but still haven't figured out how can I
split my LAN into 2 segments in W2K server with only one NIC. Here's a small
diagram of what I want to accomplish:

===========
= (AD) W2K =
= 192.168.1.7 =
===========
/ \
LAN1 LAN2
192.168.1.x/25 192.168.1.x/25

Netmask 255.255.255.128 (for both LAN's) windows clients.



Any hint will be appreciated. I might have a misconception of the problem's
solution.

 

[J.H]

Using Windows 2000 RRAS to achieve the goals.
You should not promote this server to be Domain Controller.

Good luck!!

J.H

 

[Richard G. Harper]

I suspect your biggest problem is going to be trying to run two networks on
the same AD controller - it will remain a 'bridge' between the two networks.
If they must be segregated I would recommend a parent domain on the main DC
with two NICs (one in each address range) in it, and then two child
domains - one in each range each with a DC and no trusts between them.

I personally would also use 192.168.1.x and 192.168.2.x (or similar) to
divide the LANs rather than shoehorn them into one range.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

 

[Guest]

Thank you both for your responses. I finally decided to leave only one net in
the AD server, and move on to AD implementation since it's the main purpose.

Saludos
Hector Balanzar



"Richard G. Harper" escribió:

 

[Richard G. Harper]

Excellent news! If you need any further help we'll be here.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

Thank you both for your responses. I finally decided to leave only one net
in
the AD server, and move on to AD implementation since it's the main
purpose.

Saludos
Hector Balanzar



"Richard G. Harper" escribió:

I suspect your biggest problem is going to be trying to run two networks
on
the same AD controller - it will remain a 'bridge' between the two
networks.
If they must be segregated I would recommend a parent domain on the main
DC
with two NICs (one in each address range) in it, and then two child
domains - one in each range each with a DC and no trusts between them.

I personally would also use 192.168.1.x and 192.168.2.x (or similar) to
divide the LANs rather than shoehorn them into one range.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm