2

I have the following setup:

Network

Server A has two NIC's - one connected to each switch. Server B just has a NIC connected to the internal switch.

Server A and Server B can both ping each other. But when I open a web browser on Server B to access the internet, or to ping an external IP address (e.g., 8.8.8.8), the packets aren't routed through Server A.

Both machines run Windows Server 2008. I tried Routing and Remote Access using a NAT configuration, selecting the external NIC as the "internet" connection, but Server B is still unable to ping any external IP addresses.

What are my options for granting server B access to the internet via Server A?

Edit: IPFire turned out to be a great solution.

Paul Stovell
  • 272
  • 3
  • 11
  • My setup seems similar to this, however, RRAS does not seem to forward any requests: http://social.technet.microsoft.com/Forums/en/winserverNIS/thread/7a446031-702c-4a33-b6a7-ed367ca813d7 – Paul Stovell Jul 08 '11 at 15:11

2 Answers2

2

This appears to be a terrible architecture overall but if you insist on doing this you just need to install some form of proxy on server A then point to it from your applications on server B - that or design it right of course.

Chopper3
  • 101,299
  • 9
  • 108
  • 239
  • Thanks for your constructive feedback. Can you explain what "doing it right" might look like? – Paul Stovell Jul 08 '11 at 15:21
  • Well, using a router and/or firewall to do routing and/or firewalling. – Chopper3 Jul 08 '11 at 15:23
  • The switches are vSwitches in an ESXi box. The external switch is mapped to the physical network card, the internal switch has no physical NIC. So server A will play the part of a router and/or firewall. Windows Server has a firewall, and has a role called "routing and remote access", so it seemed like a good enough fit for routing and/or firewalling. But I'm open to alternatives. – Paul Stovell Jul 08 '11 at 15:28
  • So why isn't Server B just connected to the external switch too then? I'm not sure the Windows Firewall and RRAS is what you really need, I know there's a lot of guys on here that use the pfsense vm appliance. It's a router and firewall that you'd put between the outside world and your servers, really reckon it's worth a look. – Chopper3 Jul 08 '11 at 15:38
  • 1
    Thanks to your suggestions I looked at a few Linux firewall/router distributions. I ended up trying IPFire, and within 20 minutes I had working what I spent a day trying to make work with Windows Server. Props! – Paul Stovell Jul 09 '11 at 14:36
  • Boom! well done dude, I don't know of IPFire so I'm off to look at it myself now, so thanks for that - glad you got things working. – Chopper3 Jul 09 '11 at 15:02
1

Not very highend but ICS + Network Bridge might work?

http://technet.microsoft.com/en-us/library/cc770507(WS.10).aspx

Schneider
  • 838
  • 4
  • 14
  • 22