Server with NICs in different VLANs: Separation

Discussion in 'Windows Networking' started by Jan Lausch, Jul 6, 2009.

  1. Jan Lausch

    Jan Lausch Guest


    One question for the geniuses: I'm not sure if it's possible to do this
    with windows. Could you please give me a hint?

    There is a server (shared folders, proxy etc.) with a connection to the
    This server shall be connected to the LAN via two VLANs, either tagged
    (one NIC/cable) or untagged (two NICs/cables).
    Devices in one VLAN should not be able to see devices in the other VLAN.
    But however from both VLANs access to the server shall be possible and
    also via the server out to the WAN.

    The server could be Windows SBS or a Linux.

    I have yet found out that Windows does not natively support tagged VLANs,
    apparently this has to be implemented in the NIC device drivers. But ok,
    doesn't matter, I can choose the NICs accordingly.

    But what I don't know yet is if I can keep the VLANs clearly seperated
    even though common acces to the server and WAN.

    Can you perhaps help me here? Is it possible to do this with a Win SBS?

    Jan Lausch, Jul 6, 2009
    1. Advertisements

  2. Although it ia a crappy idea, without a Router between them (the server is
    not a router),...then yes,... they are separated.

    But then you have to deal with all these possble issues...

    159168 - Multiple Default Gateways Can Cause Connectivity Problems

    Name resolution and connectivity issues on a Routing and Remote Access
    Server that also runs DNS or WINS

    272294 - Active Directory Communication Fails on Multihomed Domain

    191611 - Symptoms of Multihomed Browsers;EN-US;191611

    Microsoft Windows XP - Multihoming Considerations

    157025 - Default Gateway Configuration for Multihomed Computers;en-us;157025&Product=win2000

    Phillip Windell

    The views expressed, are my own and not those of my employer, or Microsoft,
    or anyone else associated with me, including my cats.
    Phillip Windell, Jul 6, 2009
    1. Advertisements

  3. Jan Lausch

    Jan Lausch Guest


    Thanks, Phillip, for your extensive help.

    I see the point you're making, thanks for all the pointing to problems.
    In fact, I will think about having a seperate router but for various
    reasons it's likely that that's not going to be possible.

    But thanks for now.

    Jan Lausch, Jul 7, 2009
  4. Jan Lausch

    Bill Grant Guest

    At least, forget about using SBS server. SBS is a special case and
    designed to run as the first/only DC in a domain. It is most unsuitable to
    run as a standalone router!
    Bill Grant, Jul 7, 2009
  5. If you watch out for the things outlined in those articals you can "get by".

    If this SBS happens to be the Premium Edition you can use ISA on it as a
    "router". ISA is designed as a Firewall but it is also able to serve as a
    LAN Router as long as you don't want to get deep into Dynamic Routing
    Protocols,...basically you'd just have Static Routing.

    However if it is not the Premium Edition then you can't use ISA with it.
    Why? Because of the SBS licensing and because it only works with ISA2000
    (pre SP1) and ISA2004 (post SP1), and it must be installed from the ISA
    installation on the SBS Premium Install Disks,..not from a standalone ISA
    install disk, using the SBS installation Wizard. ISA2006 won't work at
    all,...not compatible.

    Phillip Windell

    The views expressed, are my own and not those of my employer, or Microsoft,
    or anyone else associated with me, including my cats.
    Phillip Windell, Jul 7, 2009
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.