Using Secondary Domain Controller for Secondary Internet

By dhuffine ·

Currently I am running 3 windows 2003 Domain Controllers, We will call them DC01, DC02, and DC03.

DC01 = DNS, Main authenication, etc.
DC02 = Backup for all but DNS related stuff
DC03 = Exchange 2003

Currently DC02 and DC03 look to DC01 for internet access via ISP-1.

What I would like to do is route DC02 to ISP-2 via DC01, so that depending on which DNS server is entered in the computer as Primary is what internet connection that person would get.

I.E DNS ip = 3 meg internet ISP-1
OR DNS IP = 5 meg Internet ISP-2

This way I can seperate via departments according to who needs more bandwidth.

Currently ISP-2 has no connection to any of our DC's, but I will be working with the ISP to set that up in the next few days, I am just preparing ahead of time.


Can anyone provide me good information on preparing and moving an exchange server (DC03) over to a new ISP. Our current ISP has given us a bulk of Dirty IP's and our external email is blocked by about 3 major companies (AOL, Comcast, and Paid for Gmail accounts) Although gamil, verizon, and just about any other Email is not blocking us just those three.

And I mean, I am looking for a "Moving Exchange to new ISP for Dummies" type of thing, step by step walk throughs on what needs to be done.

I am new to all this and am the only person this company has, and I have a general idea of how this all works, I've just never done it before.

This conversation is currently closed to new comments.

3 total posts (Page 1 of 1)  
Thread display: Collapse - | Expand +

All Answers

Collapse -

I've seen this question before...

by CG IT In reply to Using Secondary Domain Co ...

but the question wasn't about internet connectivity. was about DC1 failing and installing a new DC1 on new hardware..

Collapse -

Proxy Servers

by benw In reply to Using Secondary Domain Co ...

I would suggest running two proxy servers. It is a bit costly, but they can run on your DC01 and DC02 easily. A proxy server allows certain Active Directory groups access to the internet. for instance i have an "Internet" group populated with members. In your case, you could create two groups "InternetDC01" & "InternetDC02" with each proxy server only allowing either group access.

Once this is setup you will either need to configure each machine manually to point to either proxy server or configure 2 group policies that are applied to all machines on the network.

Both group policies would only have information pertaining to either proxy server and only readable by either group.

As for Exchange, does email get sent directly from a user to your exchange box, or does your exchange box pull the mail down from the ISP?

Hope this helps and makes sense,

Kind regards,

Collapse -

Re: Poxy Servers

by dhuffine In reply to Proxy Servers


2 years back when we were running on a 2000 domain before we upgraded to 2003, we had it all setup in the DNS, as far as which internet provider you attached too. I might just have to contract our old Systems Admin (who's a good friend) and get him to set it up for us, and teach me. I have to find a way to do it without costing the company any more money.


As for exchange, Email gets directly sent from a user.

Back to Networks Forum
3 total posts (Page 1 of 1)  

Related Discussions

Related Forums