0

I have the following scenario. A server with two network cards and windows server 2003 installed.

This server will act as a domain controller via one of its network cards; the other card has internet connection.

I’d like to know if I have let’s say a FTP client installed on the server, which needs to connect to the internet:

  • Would it know which network card to use?
user9517
  • 115,471
  • 20
  • 215
  • 297
Rauland
  • 113
  • 3

3 Answers3

2

Just configure one of the NICs with a gateway and dont give the other NIC a gateway so it doesnt have a choice which way to go to the internet.

I hope your domain controller sits behind a NAT router so it's not exposed to the internet.

Espennilsen
  • 454
  • 3
  • 8
  • Thanks, yes it is behind a router. So any application installed on the server, which requires access the internet, will always use the card with the gateway and ignore the other one? – Rauland Apr 12 '11 at 19:44
  • @rauland: It completely depends on your routing table. Both cards may have valid routes to 0.0.0.0 (the outside world...usually), in which case the traffic will go to the route with the lowest metric number. – Satanicpuppy Apr 12 '11 at 19:52
  • @rauland: yes just keep the gateway property empty on the NIC that is connected to your internal network. The day you need routing internally you need to look into the routing table and stuff. – Espennilsen Apr 13 '11 at 11:35
1

It would use whatever interface has the default gateway configured for it.

from the server machine open a command prompt and type - route print

it will display a route to 0.0.0.0 0.0.0.0 (this is the default route anything not more specific will take this) it will also say what interface it is configured for.

Recourse
  • 33
  • 5
0

It won't automatically know which one to use, no. But you can specify this using the route command.

You can try to configure the AD services to only use the IP of your "internal" NIC, but it's better if you just set your upstream firewall to block all inbound/outbound domain traffic. I don't really trust the AD not to try and make friends on the outside.

Satanicpuppy
  • 5,946
  • 1
  • 17
  • 18