Currently we have a Windows XP computer with 2 NICs. We want all traffice destined for private IP addresses to go in/out of NIC (10.1.1.20) and all public traffic to go in/out NIC (173.x.x.x)
Our configuration:
We are not needing the 2 NICs to be connected in any way. (We are not trying to use this machine as a router)
What do we need to do?
Thanks!!
You want traffic for just a specific IP address to go through 10.1.1.20, and ALL other traffic to go through 173.x.x.x, correct?
This is simple to do, thankfully. From the command prompt, enter:
route add y.y.y.y mask 255.255.255.255 10.1.1.20Where y.y.y.y is the public IP address, and 10.1.1.20 is the IP address of the network card (obviously). This route will be removed upon restart of the machine, so to make it permanant, add a
-pto the end of the command.I assume you meant "all traffic destined for a private IP address to go in/out NIC (10.1.1.20)" ?
If so, please could you provide a little more detail?
What private addresses do you have present in your LAN? Is it just 10.1.1.0/24? (i.e. 10.1.1.1 - 10.1.1.254) Or are there other private addresses (10.x.x.x; 172.[16-31].x.x; 192.168.x.x) to be concerned about?
Are you certain there are no public IP addresses in use on your LAN?
If you only need access to the 10.1.1.X network via your LAN NIC, then you should be able to do this by configuring your internet facing interface as the default. You can do this by lowering the metric of the default route configured on your internet facing NIC:
EDIT: in response to your comments.
The 10.1.1.x addresses will already be routed via your LAN NIC, as they will be considered directly connected. See the third entry in your routing table:
In order to ensure the 10.1.2.X addresses will be routed via this interface, you will need another static route. The following command should work:
The '-p' makes the route persistent across reboots.
Regarding my second question: there are some organisations that have both public and private address space within their internal networks (not on the internet). If you are certain that 10.1.1.x and 10.1.2.x are the only address ranges in use, then this does not apply.
Regarding two default gateways: this was previously not recommended as all default gateways would be installed with a metric of 1, which lead to ambiguity as to which route should be used for traffic matching the default route. In this case, your two default gateways have different metrics; the one with the lower metric will always be preferred as long as that interface is available. (See this answer for more detail).
Note that currently the default route via your 10.x.x.x interface has a lower metric (20, rather than 30), which will lead to any internet traffic being routed to your LAN.