To make backups the server (windows) needs to be able to access a Network-Share from another windows server. In the firewall I have given permission to one of the interfaces to be able to do this access. However always when I try to open up the network share with \192.x.x.x\share$ it takes the other interface and the firewall would not allow it. Is there any way of forcing the server to take the other interface?
Asked
Active
Viewed 2,606 times
1
-
Your best bet is probably a custom route, however, there are a few things to consider when setting that up. are the two interfaces on the same subnet? Is the backup server on the same subnet as the server being backed up or a different subnet? If it is on a different subnet are there any other machines on that subnet that need to be accessed via the other port? – Mike Garuccio Nov 23 '16 at 19:44
-
The two interfaces are on the same subnet and the backup server is on a different subnet. No only the backup server has to access different machine on a different subnet but not the other way around. I just dont quite understand on which setting windows chooses to access the share over the other interface. Would be better if I could controll that instead of giving the access to both of them. – M.T Nov 29 '16 at 12:39
-
ok so the backup server is on one subnet, and then the server you are backing up has 2 NIC's on the same subnet? unless you can set an affinity for a specific NIC inside the backup client I am not sure that you are going to be able to tell Windows to use one NIC over the other for specific traffic, Windows networking really isn't intended to work that way, with multiple NIC's on the same subnet you really should be using teaming. If the NIC's were on different subnets then you could just add a route that specified traffic to the backup server should go over that network. – Mike Garuccio Nov 29 '16 at 14:54
1 Answers
1
Windows does allow you the option of setting priority for network interfaces, but that will affect all traffic. To accomplish what you want Mike gave you the best solution.
If both interfaces on the source machine are on the same subnet, then you'll have to add a static/permanent route for both interfaces and give a LOWER metric for the interface that you prefer the traffic to use. Since the metric can be thought of as the "cost" of a route, the lower metric is chosen when routing.
> route ADD 157.0.0.0 MASK 255.0.0.0 157.55.80.1 METRIC 3 IF 2
destination^ ^mask ^gateway metric^ ^
Interface^
For a routing entry for a single IP (host) you'll use a netmask for 255.255.255.255.
To get a list of your interfaces use:
netsh interface ipv4 show interfaces
The metric listed on this command is known as the default metric. The "Idx" is the interface "number" that you'll use when adding routes. If interface 1 has a default metric of 100 and interface 2 has a default metric of 200 and you want to force the traffic to use interface 2, then the routes you create must have a metric difference of 100+. For example you would add a route with a metric of 500 on interface 1 and a route with a metric of 10 on interface 2.
Use the -p switch to make a route permanent/persistent (survives a reboot).
E.g.;
route -p ADD 107.206.12.34 MASK 255.255.255.255 10.0.0.1 METRIC 300 IF 2
apocalysque
- 419
- 3
- 8