Windows server 2003 routing question

Discussion and support for the Windows family of operating systems.
Post Reply
ElDiablo
Registered User
Posts: 1012
Joined: 30 Jun 2004, 02:00
Location: Potchefstroom

Windows server 2003 routing question

Post by ElDiablo »

Hi,

I have a windows 2003 server with 3 ethernet cards.

eth0 - MWEB Internet (gw 192.168.0.1)
eth1 - Wireless internet (gw 192.168.10.1)
eth2 - Internal network (192.168.2.0/24)

I have NAT/Public Interface set up to route incomming ports on the MWEB interface to the internal network where other servers are located.

The current internet default gateway is set to the Wireless Internet provider on eth1 with NAT/Public Interface also enabled

Problem is, since eth1 is nou the default gateway on this server, all packets comming in from the MWEB side (eth0) is not routed to the rest of the network.

Is there a way of setting this system up in such a way that internet is used on eth1 but incomming packets on eth0 is still routed to the correct destination?

If I give eth0 it's default gateway IP it uses it for outgoing internet also :-/
Nuke
Registered User
Posts: 3515
Joined: 28 Feb 2004, 02:00
Processor: Xeon E5620
Motherboard: Asus P6T6 Workstation
Graphics card: MSI GTX770
Memory: 24GB Hynix
Location: ::1

Re: Windows server 2003 routing question

Post by Nuke »

I don't think there is a way to do it on a Windows server. You want to be able to do policy based routing, mark the packets coming in on eth0 to make sure they go out though it too.

The other option is to add a masquerade rule of some kind on the Mweb router. I don't know what hardware it is, but you need to force the source IP as that of the Mweb router's internal IP(0.1 in this case). That way, all the packets coming in from Mweb is seen as coming from 0.1, and it will be routed back through eth0. Though you lose the original source, making it far less useful for eg. mail servers, where the source IP is often used in ACL's.

Why not just move the servers to the outside of this Windows router? Windows makes a pretty crappy router... Or if its being used as a firewall, get a Cisco to act as firewall/router. You will also get a few other nice tools, like being able to slow down torrents, block Facebook, etc.

I have not used a Cisco in this scenario but the tools are there, so it should work just fine. I have used marked routing quite a few other places though.
Image
ElDiablo
Registered User
Posts: 1012
Joined: 30 Jun 2004, 02:00
Location: Potchefstroom

Re: Windows server 2003 routing question

Post by ElDiablo »

Thanks for your reply,

It is a Cisco router, but MWEB Business doesn't allow access to this router.

I think moving the other servers outside the internet network onto the 192.168.0.0/24 range is probably the best option, like you said, windows makes a crappy router...

Thanks for your suggestions!
Post Reply