[英]Windows 2012 Server configure network to 2 ISP
I would appreciate any help with configuration of MS Windows Server 2012 R2.我将不胜感激任何有关 MS Windows Server 2012 R2 配置的帮助。 I have tried more solutions, but any of them were not so appropriate.
我尝试了更多的解决方案,但其中任何一个都不太合适。 The idea is on the attached schema belove.
这个想法是在附加的模式 belove 上。
Server has AD.服务器有广告。 Server has 2 NICs.
服务器有 2 个网卡。 Both are configured on the same subnet.
两者都配置在同一子网上。 (192.168.1.0) with IP addresses manually configured as is on the schema.
(192.168.1.0) 并按模式手动配置 IP 地址。
NIC 1:网卡 1:
IP:192.168.1.254
MASK: 255.255.255.0
GW: 192.168.1.1
DNS 1: 192.168.1.254
DNS 2: 192.168.1.1
Metric: 10
NIC 2:网卡 2:
IP:192.168.1.154
MASK: 255.255.255.0
GW: no
DNS 1: 192.168.1.154
DNS 2: 192.168.1.1
Metric 100
NIC 1 is connected to router from ISP 2. NIC 2 is connected to router from ISP 1. NIC 1 从 ISP 2 连接到路由器。 NIC 2 从 ISP 1 连接到路由器。
The goal is: All clients should have access to the internet via ISP 2. Some clients have acces also via ISP 1 via VPN.目标是:所有客户端都应该可以通过 ISP 2 访问 Internet。一些客户端也可以通过 VPN 访问 ISP 1。 ISP 1 does not provide public static IP address.
ISP 1 不提供公共静态 IP 地址。 ISP 1 yes.
ISP 1 是的。 So only via ISP 1 is possible to access the local network via VPN.
因此,只有通过 ISP 1 才能通过 VPN 访问本地网络。
How to configure server to accept VPN connection and route whole traffic from VPN to local and to ISP 2?如何配置服务器以接受 VPN 连接并将整个流量从 VPN 路由到本地和 ISP 2?
Also I have tried 2 subnets (for VPN clients 192.168.2.0, for local clients 192.168.1.0 but no success to setup routing).我还尝试了 2 个子网(对于 VPN 客户端 192.168.2.0,对于本地客户端 192.168.1.0,但没有成功设置路由)。
Thanks.谢谢。
This is not how you do this, rather you need a firewall that supports multiple WAN interfaces - examples are Peplink (great if you also want to load balance the ISPs or get increased throughput by leveraging both of them) other examples include the Cisco RVx series, or Zywall USG series.这不是您执行此操作的方式,而是您需要一个支持多个 WAN 接口的防火墙 - 示例是 Peplink(如果您还想平衡 ISP 或通过利用它们来增加吞吐量,那就太好了)其他示例包括 Cisco RVx 系列,或 Zywall USG 系列。
Then your server can have one IP on the LAN (as it should) and you can use the ACL/Firewall rules to control what goes in/out which ISP.然后,您的服务器可以在 LAN 上拥有一个 IP(应该如此),您可以使用 ACL/防火墙规则来控制进出哪个 ISP 的内容。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.