My Server has two default gateways, one for public IP and the other for Private IP

windows-server-2012-r2

I have set up a server running Windows Server 2012 R2. I have two NIC cards. One I have assigned a public IP address, 41.223.59.153/30; this one is accessible from the Internet (remote users log in with this). The second is private, 172.18.20.188/24; this one is only accessible to the LAN users.

The problem comes because I have two default gateways. When they are both up, I cannot reach the server via the LAN, but I can reach the server via the Internet. When I disable the public IP address, I can only access it via the LAN.

Is it possible for me to have them accessible at the same time? It seems the route of the public IP is more dominant. I would appreciate a step-by-step procedure for that.

Thanks

Best Answer

Ideally you should have the default gateway set as a router on your own network to allow communication internally. A firewall box designed to deal with multiple interfaces would be much better suited than a Windows Server box.

However it is possible to specify which adapter to use by using the 'route' command. https://technet.microsoft.com/en-gb/library/bb490991.aspx

Off the top of my head you would set the PC to use the external network card by default but add a command along the lines of this:

route add 10.0.0.0 mask 255.255.0.0 192.168.0.1 metric 2

That basically says "If you want to get to any address that begins 10.0.., then use the gateway 192.168.0.1 and use network interface number 2".

I don't know the IP address conventions for your network, so I can't write the specific command; you'll need to do that. I did this in the past for accessing certain internal resources using my wired connection (intranet, Exchange server), then random surfing on a WiFi that my company didn't monitor.

Hope this helps.

Edit*

Without specifying that internal traffic HAS to use the correct NIC card, the server will use its default NIC card and will try to resolve the LAN IP address from its DNS server, which won't work. In essence, right now you can send information to the server, but it doesn't know how to send information back, so it looks like it's timing out when being accessed from the LAN. Again, I hope this makes sense.
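The reply-path problem described in this answer, modelled as an added example (not part of the original answer): a route lookup that picks the longest matching prefix and then the lowest metric, run against the asker's two-gateway setup before and after a specific internal route is added. The gateway addresses, metrics, the 172.18.0.0/16 internal range and the client addresses are assumptions made for illustration.

```python
import ipaddress

def select_route(table, dst):
    """Pick the route for dst: longest matching prefix wins, then lowest metric."""
    dst = ipaddress.ip_address(dst)
    matches = [r for r in table if dst in ipaddress.ip_network(r["prefix"])]
    if not matches:
        return None
    return min(matches,
               key=lambda r: (-ipaddress.ip_network(r["prefix"]).prefixlen,
                              r["metric"]))

PUBLIC_GW = "41.223.59.154"   # assumed: the other usable host in 41.223.59.152/30
PRIVATE_GW = "172.18.20.1"    # assumed LAN router address

# Constructed table for the setup in the question: a default gateway on
# both NICs plus the two on-link subnets (metrics are assumed values).
BEFORE = [
    {"prefix": "0.0.0.0/0", "gateway": PUBLIC_GW, "iface": "public", "metric": 10},
    {"prefix": "0.0.0.0/0", "gateway": PRIVATE_GW, "iface": "private", "metric": 20},
    {"prefix": "41.223.59.152/30", "gateway": None, "iface": "public", "metric": 10},
    {"prefix": "172.18.20.0/24", "gateway": None, "iface": "private", "metric": 20},
]

# Same table with the private default gateway removed and one specific
# route for the (assumed) internal range added, roughly what
#   route -p add 172.18.0.0 mask 255.255.0.0 172.18.20.1 metric 2
# would install with these assumed addresses.
AFTER = [r for r in BEFORE
         if not (r["prefix"] == "0.0.0.0/0" and r["iface"] == "private")]
AFTER.append({"prefix": "172.18.0.0/16", "gateway": PRIVATE_GW,
              "iface": "private", "metric": 2})

def reply_path(table, client):
    """Return (interface, gateway) the server uses to answer this client."""
    route = select_route(table, client)
    return (route["iface"], route["gateway"]) if route else None

if __name__ == "__main__":
    # Constructed clients: routed LAN host, same-subnet LAN host, Internet host.
    for client in ("172.18.30.10", "172.18.20.50", "203.0.113.7"):
        print(client, "before:", reply_path(BEFORE, client),
              "after:", reply_path(AFTER, client))
```

In the "before" table the reply to a LAN client on another internal subnet leaves through the public gateway, which matches the timeout described above; a client on the server's own /24 is reached on-link either way.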
