Windows Server 2008 Thread, Two NICs - Different Networks in Technical; Hi Guys & Gals,
I have a server 2008 machine with 2 NICs. When i connect to our domain with ...
23rd March 2012, 04:21 PM #1
Two NICs - Different Networks
Hi Guys & Gals,
I have a server 2008 machine with 2 NICs. When i connect to our domain with both NICs set with our IP settings, all is well. However, i want to use this server as a web server and have one NIC configured and connected to our domain and the other configured and connected to the CLEO network (we have a web gateway setup).
My issue is... when i configure the NICs (in exactly the same way as another web server on 2003) i cannot connect to it. If i uplug/disable the CLEO connection, i can then access it again. I have configured this on numerous server 2003 machines and it has worked fine.
- Does server 2008 have inbuilt NIC pooling that is getting confused because of different IP settings? Can i disable it?
- Is there something else i am missing?
The server is a SuperServer 6024H-82R.
IDG Tech News
23rd March 2012, 04:27 PM #2
By the way if someone compromises security on that webserver your internal school network is at risk. I highly recommend you don’t have the second NIC in your LAN
23rd March 2012, 04:58 PM #3
Fear not. This is through a web gateway provided by county. Basically a redirect through county. All our internal domain requires authentication to do anything.
Originally Posted by FN-GM
23rd March 2012, 05:57 PM #4
Are you setting two gateways?
You need to only setup the external Nic with a DG and the internal network is fine.
Are you using Vlans internally?
23rd March 2012, 07:37 PM #5
The correct way to do this is put the webserver in a separate DMZ VLAN which is controlled by the firewall.
That isn't really going to help, as @FN-GM points out if the web server is compromised they still have access to the internal LAN whether or not you have domain authentication.
Originally Posted by phughes
What firewall do you use?
26th March 2012, 09:41 AM #6
@CyberNerd We're currently using a smoothwall server. But we have bought a CISCO ASA 5505, not managed to get round to setting it up yet.
@glennda No VLANS, tried all different configurations with DG.
This server has dual LAN, could it be a server config that uses both ports that i need to turn off? Works perfectly fine with 2s IP on one network, just not one internal and one external.
26th March 2012, 09:46 AM #7
Set the default gateway on the external card and leave the internal card without one. It should then work fine as the machine will be able to communicate with all clients locally on the same subnet without requiring any routes set.
26th March 2012, 09:47 AM #8
Cisco ASA is really good kit. We have one here. Set it up and use a VLAN for the DMZ. Configure the DMZ so that only allowed traffic can flow back into your internal network.
Originally Posted by phughes
26th March 2012, 10:03 AM #9
@glennda I tried that one, but as soon as i plug into the external my remote desktop session ends and i can no longer connect / communicate from internal.
@CyberNerd I will one day! I need to get port forwarding working too, but i cant do this while school is live and our holidays are completely booked up with work. School are also cutting our staff down to 2 and adding primary schools to support (you know how it is)
27th March 2012, 11:54 AM #10
Right, sorted it!
Turns out that when adding remote desktop users and it says "DOMAIN\administrator already has access", this is only the case up until you plug into a public network. Then you have to add domian admin to the group otherwise no user can from the domain can remote to the server.
By adding this user this apparently meant that request was granted by Windows Firewall as the request was being blocked by one of the public profile inbound rules.
Thats a new one
Last edited by phughes; 27th March 2012 at 12:02 PM.
By jmair in forum Windows
Last Post: 13th July 2009, 05:24 PM
By adamf in forum Windows
Last Post: 21st February 2008, 09:50 AM
Last Post: 2nd April 2007, 03:08 PM
Last Post: 11th January 2007, 11:31 PM
By crc-ict in forum Windows
Last Post: 12th October 2006, 01:44 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)