Win 2000 Server as IP Router

Tags:
Cabling
DataCenter
Desktops
Hardware
Hubs
Management
Microsoft Windows
Network protocols
Networking
OS
Routers
Security
Servers
SQL Server
Switches
Hi, I'm trying to configure Windows 2000 Server (SP4) as an IP router. The box that 2000 Server is installed on has 3 network cards. I've setup two private networks that can talk to each other using the 2000 Server as a router. Network card 1 has the IP: 10.10.0.10 and a 255.0.0.0 mask. Network card 2 has the IP 172.17.2.10 and a 255.255.0.0 mask. Both of these nics are attached to separate mini switches. These mini switches have other machines connected to them. The machines on the switch attached to network card 1 are all in the 10.10.0.0 range. The machines on the switch attached to network card 2 are all in the 172.17.2.0 range. The devices on either range are able to ping each other just fine. Network card 3 in the 2000 server is attached to a Cisco switch and has the ability to get out to the Internet. In actual fact, this Cisco switch is behind a PIX firewall, and the PIX is attached to our 3620 router which is connected to our ISP. Network card 3 has the IP 192.168.4.10 with a 255.255.255.0 mask. The 2000 server can get to the Internet and browse web pages fine. However, neither servers on the 172.17.2.0 range nor 10.10.0.0 range can get to the Internet. What I want to end up with is the 2 private networks behind the 2000 Server to talk to each other and the Internet. I've installed Routing & Remote Access Services on the 2000 Server, but I don't know how to get the routing setup on the server to function as I require? Please can you help me get this working. Please feel free to reply with any questions you may have about my setup that I haven't covered above. Thanks in advance. Greg. -PS Sorry about the long winded text above ;-)

Answer Wiki

Thanks. We'll let you know when a new response is added.

Native Address Translation. You have three cards each on a different Private (NON routable) address spaces. You managed a routing table to connect 10 space to 172 space. Congratulations. The 2k server has internet access from its 192.168 space through NAT by the pix firewall to a routable address. BUT you cannot turn on ICS (Internet Connection Sharing) because it would expect the secondary card (10. or 172.) to be 192.168 space. You will need to setup NAT for the 10 and 172 machines to a 192 address that can use your third card as the gateway. Then the pix firewall can treat requests from the server as legitimate.
I hope this helps – Good Luck.

Discuss This Question: 3  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • HumbleNetAdmin
    You may need to put a route in your firewall going back to the 2000 server box interface that the firewall is attached to. I just recently setup a linux box as a router with eth0 as 111.111.111.160 and eht1 as 192.168.1.254 computers on the 111 network could not get to the computers on the 192 network and vice versa. My firewall is on the 111 network and when I put the route 192.168.1.0/24 in the router then all was well. The reason is that all clients on the 111 network have gateways to the IP of the firewall, as well as does the eth0 of the linux router box. So any traffic destined for an IP that cant be found on the network is then directed to the firewall. For the 192 network, the eth0 111.111.111.160 routed traffic for the 111 network to the default gateway of eth0 which is the firewall, and it had no routing info. The route 192.168.1.0/24 111.111.111.160 in the firewall basically states, any traffic from the 111 network destined for the 192 network goes to 111.111.111.160 network interface eth0 on the linux router box, and any traffic from the 192 network to the 111 network follows the route to the firewall and then is routed to the 111 network. Hope this is not to confusing and actually is of some help The HumbleNetAdmin
    0 pointsBadges:
    report
  • GregNottage
    Cool, thanks for the info. Setting up NAT worked like a charm! I now have a fully working router ;-) Thank-you very much for your kind assistance, it's hugely appreciated. Kindest Regards, Greg.
    0 pointsBadges:
    report
  • GregNottage
    Your article's topic has been one of my keenest interests for years. It's good to find someone else who shares my deepest passion.
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following