--- On Tuesday, January 04, 2005 3:32 PM, Jochem van Dieten scribed: --- > > Howie Hamlin wrote: >> >> I have several Windows 2003 servers and a few Windows 2000 servers >> with dual NICs. One NIC is plugged into a firewall for internet >> access and the other is plugged into a switch for internal LAN >> access. The specs are: >> >> 216.168.137.x (public IPs on the WAN) >> 10.10.10.x (internal IPs) >> 10.1.1.x (VPN to other office) > > Do all of these have 255.255.255.0 as subnet mask? On what interface > is the VPN running? >
The internal and VPN are using 255.255.255.0 but we only have 1/2 class-c for external addresses so these are configured as 255.255.255.128. The VPN is on the WAN port. > >> Could someone give me some info on how to ensure that all internet >> traffic goes to one NIC and all of the internal traffic goes to the >> other NIC? > > Make sure you have DNS set up for your local IP adresses (for > instance using .local instead of .com) and connect to the .local name > of a system and not the .com name. (.local is prefered per the IETF > Link-Local workgroup, unless you have Macs in your network which are > not RFC compliant.) > Yes, this is how it is set up. What's weird is that the firewall is showing errors like this: 01/03/2005 08:18:39.224 - IP spoof detected - Source:10.10.10.51, 137, DMZ - Destination:209.177.0.5, 137, WAN - MAC address: 00.0B.DB.91.0C.01 - This seems to indicate that a server received a request from an external source (209.177.0.5) and tried to reply on the DMZ port (which is correct) but used a source address of 10.10.10.51 which is not correct. Thanks, Howie > Jochem > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Find out how CFTicket can increase your company's customer support efficiency by 100% http://www.houseoffusion.com/banners/view.cfm?bannerid=49 Message: http://www.houseoffusion.com/lists.cfm/link=i:5:141536 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/5 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:5 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.5 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54