I have a new Winwdows Sever 2008 R2 machine with two network cards. The situation is as follows:
- One network card is connected to CompanyLAN_1 (10.0.0.0/24)
- Through this card the machine can reach 10.0.0.254
- Through 10.0.0.254 the machine can reach 10.0.0.0/16
- The other network card is connected to CompanyBackup_1 (192.168.0.0/24)
- Through this card the machine can reach 192.168.0.254
- Through 192.168.0.254 the machine can reach 192.168.0.0/16
- The machine should NOT be able to access any networks beyond 10.0.0.0/16 and 192.168.0.0/16 (the machine should have no internet access at all)
What is the proper/recommended way of setting this up in Win2k8R2?
A) set up the network cards with the proper netmasks and put default gateways to each one
B) set up the network cards with the proper netmasks and put a default gateway to the normal one and add a static route to the backup one
C) set up the network cards with the proper netmasks and add two static routes, one for each?
Any link to official Microsoft references detailing recommendations would be welcome as well.
The simplest way to do this is not to specify any default gateway. When you do that, only the networks specified in the local routing table will be available.
You should, however, consider using a proper firewall for this machine: not only is it simpler to configure, it's also much more resilient to problems.