General discussion

Locked

One machine, two networks

By mpretti ·
I have one machine connected to an internal network (10.10.xxx.xxx), and this network provides limited internet connectivity.

I installed a second network card, and plugged this into an ADSL modem.

My goal is to be able to access this machine from home, allowing me access to the internal network from home via VNC or pcAnywhere or something similar.

The problem I ran into is that as soon as the computer is connected to both networks it drops one of the connections. Can I configure the network (add a router?) so that the network card connected to the ADSL line is only used for VNC and nothing else, hence keeping both connections alive ?

This conversation is currently closed to new comments.

6 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by jonno112 In reply to One machine, two networks

Your adsl modem, does it have port forwarding or NAT because what i do is port forward :5800 (VNC Viewer and :5900 (Web browser) to 10.x.x.x. so when i type in the ip address or the domain name it allows me to vnc into that machine and give me access to that network.

Is that what you want?

You must have a static ip to do this or if dynamic a DNS forwarder.

Would you also still need the 2 connections?

Collapse -

by wlbowers In reply to One machine, two networks

You are gonna hear a varity of ways to do this.

Bridge the nics, port forwarding ect.

This is what I would suggest.

Register the ADSL modem with http://www.dyndns.org/

This will allow you to access the modem by name.

Run the ADSL and the internal network into a Cisco router. 1700 or 1750 will work just fine.

You can do all of your configuration for connection in the router. It will only take one ethernet to the PC.

Lee

Collapse -

by GDoC In reply to One machine, two networks

You have two questions.
Multi NIC routing.
I accomplish this through running a small route modification batch file.
You will want to delete the default route on your 10.10.x.x connected NIC
Next add a default route on the ADSL connected NIC pointing to the ADSL router as a gateway.
IF the 10.10.x.x network is subnetted you will want to point a 10.10.x.x 255.255.0.0 gateway.
You didn't state what OS, but in windows the batch file would look like:
route change 0.0.0.0 mask 0.0.0.0 192.168.0.1 (this is the ADSL interface)
route add 10.10.0.0 mask 255.255.0.0 10.10.0.1 (this is your normal interior router)
route print (this will show your present routing table)
pause (this will let you view the table)
exit

As to the second question. Depending on the ADSL router, you can configure the imbedded FW to forward certain port request (such as 5900-5910) to a specific IP address (this would be your system) while blocking all other internet generated port request. This will allow you to surf across the ADSL line while permitting VNC. You can also configure a personal FW on your system for the same (recommended)

Collapse -

by GDoC In reply to

Addendum:
You Do Not want to bridge or permit forwarding between these interfaces! Doing so would compromise any FW that you have in place. The limitation to VNC (and preferably a remote address) will permit for your surfing and remote access without opening a major hole....but you should still check with your network security policies, as this type of connection is typically frowned upon.

Collapse -

by techrepublic In reply to One machine, two networks

Do this on my network and you're fired!

Seriously, there's a reason your primary network has limited internet connectivity. If you have special needs that go beyond what that provides, work with your administrator to provide what you need. A quality IT department understands that they need to provide an environment that it's users can use to be productive. I make controlled exceptions for my users all of the time. If a user did what I see you doing, I'd do my best to see you walk out the door.

If I'm wrong and you're acting within the guidance of the IT department, I have to question their logic for allowing this kind of vulnerability into their network.

Collapse -

by hozcanhan In reply to One machine, two networks

very risky move ! you are taking the risk of being blamed for some serious security breach, that you have not compromised . That's for you to decide . But , one method may be to load a fully fledged server os on your machine , that is capable of routing and protecting the internal net at the same time . yes , costly but risk free .

Back to Networks Forum
6 total posts (Page 1 of 1)  

Related Discussions

Related Forums