Internet connection sharing.

pts.
Tags:
Bandwidth
DataCenter
DHCP
DNS
Instant Messaging
Microsoft Windows
Networking services
Sendmail
Hi! Please, I would like to know if it is possible to use the Internet Connection Sharing feature on a Windows 2000 server system set up as a domain controller. If yes, is anything compromised or affected in anyway? Many thnks!

Answer Wiki

Thanks. We'll let you know when a new response is added.

Very Scary. Internet Connection Sharing is based on having TWO network interface cards(NIC). First one being the normal IP address that connects to the “internet” (i.e. has a public address that can be routed). the second card is given a private adress (usually 192.168.1.1) and becomes the gateway for the other machines wishing to connect outside.
First problem with your ‘double-homed’ system will be DNS. If your workstations see the server having two addresses (the public and the private) and cannot reach both addresses login becomes very problem prone.
Second problem is exposing the Domain controller to the internet.

Recommend a dedicated box with two NIC’s setup as the gateway/firewall. Place the domain controller inside the protected space. This avoids the load of surfers slowing down the domain controller which has more important things to do.

Discuss This Question: 4  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • ArrghOff2Pillage
    I would concur that it is not advisable to set up on a DC. If this is not a dial-up, best solution would be to get something like a Watchguard or Sonicwall SOHO firewall and route all internet traffic through that. Much more secure and the devices are relatively easy to setup. About $350 hardware investment, but you could eat that up in trying to set up the DC, and A LOT more should the DC become compromised and the domain destroyed. I would still keep the DC doing DHCP and DNS, set the DNS to forward unknown requests to the ISP DNS servers. The workstations must use the DNS on the DC or you will have a lot of connectivity problems.
    0 pointsBadges:
    report
  • Jester42
    Yes bad to set dc to internetsharing if home pc and what to find out how give it a go but not advised if office no way. set up firewall router hardware (sonicwall) or stand alone (smoothwall or esmith) depends on the set up and what services you want running and cost.
    0 pointsBadges:
    report
  • Kejioffice
    okey dokey... thank u all, will set-up a member server as the gateway instead?? wat u think?
    0 pointsBadges:
    report
  • jinteik
    maybe getting a router and switch will help to share your internet easier than using a DC to share the Internet. And it is not advisable to use DC to share Internet
    17,330 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following