Is it possible to add one server to two different DMZ networks?

By tom ·
2 Network Cards in one machine and 2 Internal Networks - But can only see internally if 2 x gateways are entered

Hi Experts,
Is it possible to add one server to two different DMZ networks?
I currently have a Windows 2003 machine which is currently sitting within one DMZ area of my internal network. The network adapter is configured as follows:

IP Address: 172.16.100.1 (This is mapped to an external IP of 88.45.100.1 via the Firewall)
Subnet Mask: 255.255.0.0
Default Gateway: 172.16.100.254

DNS1: 88.88.88.98
DNS2: 99.99.99.99

I can happily ping this address from within my LAN without issue, example LAN config as follows:

IP Address: 192.168.100.15
Subnet Mask: 255.255.255.0
Default Gateway: 192.168.100.254

Now, here is where I am having trouble. I'd like to add another firewall and some new external IPs (from another ISP).
I have configured the DMZ port of the new firewall as follows:

IP Address: 182.16.100.253
Subnet Mask: 255.255.128.0
DHCP: Off

And have configured the second network card in the server as follows:

IP Address: 182.16.100.6
Subnet Mask: 255.255.128.0
Default Gateway: <Empty>

DNS1: 88.88.88.98
DNS2: 99.99.99.99

I have also added this new firewall into the existing LAN - it has the following IP details:

IP Address: 192.168.100.253
Subnet Mask: 255.255.255.0

Now, when I manually reconfigure one of the machines on my LAN (take the example above) to:

IP Address: 192.168.100.15
Subnet Mask: 255.255.255.0
Default Gateway: 192.168.100.253 (notice the change .254 to .253)

I can happily see all the machines and servers on the LAN without issue, and I can connect to the outside world with the new public IP. However, when I ping the address of the second network card in the server (i.e. 182.16.100.6), nothing happens; it times out.
However, if I add another gateway address to this second network card - as follows:

IP Address: 182.16.100.6
Subnet Mask: 255.255.128.0
Default Gateway: 182.16.100.253

Then I can happily ping the machine from my LAN.
The server now has two network cards and each with a gateway so it can no longer connect to the outside world. How can I fix this?

Many thanks

Is it possible to add one server to two different DMZ networks?

by ankit7780 In reply to Is it possible to add one ...

Yes, you can.
Probably for the second LAN card you remove the default gateway, and instead of a default gateway you insert a static route in the server toward the other network.
So that means you have two routes in your server:
0.0.0.0 0.0.0.0 pointing to your default network, and another for the other range of subnets pointing towards its default gateway.
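
Added example, not part of the original thread or either poster's configuration: a small longest-prefix-match model of the server's routing table, using the addresses from the question, showing which interface the reply to the LAN client leaves on with a single default gateway and again once the static route from the answer is present. The labels `NIC1`/`NIC2` and the Internet sample address are assumptions made for the illustration.

```python
import ipaddress

# Server addressing taken from the thread; "NIC1"/"NIC2" are labels assumed here.
CONNECTED = [
    ("172.16.0.0/16", None, "NIC1"),   # 172.16.100.1 / 255.255.0.0
    ("182.16.0.0/17", None, "NIC2"),   # 182.16.100.6 / 255.255.128.0
]
DEFAULT = ("0.0.0.0/0", "172.16.100.254", "NIC1")                 # the one default gateway
LAN_VIA_NEW_FW = ("192.168.100.0/24", "182.16.100.253", "NIC2")   # the static route

def lookup(routes, dst):
    """Longest-prefix match: return (next_hop, interface) used to reach dst."""
    addr = ipaddress.ip_address(dst)
    best = None
    for cidr, gateway, nic in routes:
        net = ipaddress.ip_network(cidr)
        if addr in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, gateway or "on-link", nic)
    return None if best is None else best[1:]

def reply_path(routes, client, arrived_on):
    """Describe where the server sends its reply to a request that came in on arrived_on."""
    hop = lookup(routes, client)
    if hop is None:
        return "no route"
    gateway, nic = hop
    kind = "symmetric" if nic == arrived_on else "asymmetric"
    return f"{kind}: reply leaves {nic} via {gateway}"

LAN_CLIENT = "192.168.100.15"     # from the thread; reaches NIC2 through 192.168.100.253
INTERNET_HOST = "203.0.113.10"    # constructed sample (documentation range)

as_posted = CONNECTED + [DEFAULT]                    # NIC2 gateway left empty
with_static = CONNECTED + [DEFAULT, LAN_VIA_NEW_FW]  # as suggested in the reply

if __name__ == "__main__":
    print("as posted  :", reply_path(as_posted, LAN_CLIENT, "NIC2"))
    print("with route :", reply_path(with_static, LAN_CLIENT, "NIC2"))
    print("internet   :", lookup(with_static, INTERNET_HOST))
    # Equivalent persistent route on the Windows server:
    #   route -p add 192.168.100.0 mask 255.255.255.0 182.16.100.253
```

The static route only covers 192.168.100.0/24; any other destination, including Internet hosts that reached the server through the new firewall, still resolves to the single default route on NIC1.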
