FW: Win2k - Multiple internet sources info

From: mstevenson@quickhire.com
Date: 11/01/01 

From: mstevenson@quickhire.com
Message-ID: <1190DE9E1A0FD511AB8E000102CCFE84051DBB@mail.nethot.com.pr>
To: security-basics@security-focus.com
Subject: FW: Win2k - Multiple internet sources info
Date: Thu, 1 Nov 2001 11:17:37 -0500

I don't see why you would want to do this, other than eliminating a single
point of failure for your internet connection, or possibly splitting up the
traffic on the two uplinks for better connectivity. If that's the case and
the budget allows, I would look into load balancing your 2 uplinks with a
router/s. I agree that using port boundaries (even though possible, at least
I'd know how to do it on *nix with ipf/ipnat) is NOT the way to go about it.
It's very possible that a high-end cisco router would either load balance,
or round-robin between your two uplinks.

Miles Stevenson
QuickHire Network Support Specialist

-----Original Message-----
From: Jason Waldhelm [mailto:jason@alamopc.net]
Sent: Tuesday, October 30, 2001 2:07 PM
To: 'Geurts, James'; security-basics@security-focus.com
Subject: RE: Win2k - Multiple internet sources info

i think that you will have problems splitting up ports like you want to... i
could see it causing problems especially if software initiates or accepts
connections on multiple ports that traverse your 1024 port boundary.

the direction of specific ports and/or ip addresses is much simpler (and in
my opinion, makes more sense). you would simply use routing statements to
designate the proper interface to exit or return on.

-----Original Message-----
From: Geurts, James [mailto:JRGEURTS@software.rockwell.com]
Sent: Thursday, October 25, 2001 11:30 AM
To: security-basics@security-focus.com
Subject: FW: Win2k - Multiple internet sources info

Hi all....

I am looking at adding another source to the internet to my small home
network. The OS is Win2k Server (latest patches, etc) Both sources will
have separate NICs & ip addresses. I would like to direct all traffic below
port 1024 to one source and all other traffic to the other source. Also, I
would like to direct specific ports and/or specific destination ip addresses
to one of the specific internet sources coming into the computer. I would
like to hear what options I have available to do this and if anyone has done
this, any problems, recommendations, or things I should know before doing
this.

thanks

Jim

Relevant Pages

  • Re: SBS 2003 Single NIC firewall settings
    ... Then run the CEICW wizard from the Server management console ... > make a RAS VPN connection or access the company web site (which, ... > Internet and RRAS/VPN. ... > find where I go to open ports. ...
    (microsoft.public.windows.server.sbs)
  • Re: Microsoft Worm
    ... > securing their machines and who require full access to the internet. ... > every provider imposed NAT on their customers and started blocking ports, ... As for NAT, I've always had a NAT system on my home internet connection ...
    (alt.computer.security)
  • Re: ZoneAlarm Security Alert - My own ISP?
    ... which is a direct connection to the Internet, then you remove Client for MS ... and the NetBios ports are closed. ... computer cannot network with other computers. ...
    (comp.security.firewalls)
  • Port Forwarding Not Working
    ... I am unable to get ports to forward to another computer or device on the ... I have a straight-forward setup. ... In the RRAS manager, under Nat/Basic Firewall, WAN Internet Connection ...
    (microsoft.public.windows.server.networking)
  • T1 ...,
    ... t1 internet connection ... price of t1 ...
    (rec.org.sca)