as some of you may be aware, I'm currently involved in an on-going saga in getting our servers up and running. As pretty much a newb, I'm slowly making progress, but I've hit a stumbling block.
Here's a bit more about us: We're a website. We've grown too big for our server and hit the ceiling our lowly PowerEdge can handle. For a solution we're adding two servers: One as a Firewall/Router/VPN and one as a Web Application server. The original will be altered to become a DB server.
All three boxes are running Windows Server 2008 R2 and I'm using RRAS to configure it all. All three boxes are DIRECTLY connected (there are no hardware hubs, switches or routers).
This diagram hopefully gives a clearer idea of what I'm talking about (even though it's pretty vague).
The IP addresses are the static IPs I'm configuring for each network adapter.
Focussing on the "left-hand leg" (10.0.1.1 to 10.0.2.1), we currently have the following setup:
FIREWALL/ROUTER
For the adapter facing the Web App server (10.0.1.1):
- IP: 10.0.1.1
- Subnet: 255.255.255.0
- Default gateway: (blank)
WEB APPLICATION SERVER
For the adapter facing the Firewall/Router (10.0.2.1):
- IP: 10.0.2.1
- Subnet: 255.255.255.0
- Default gateway: 10.0.1.1
What's odd is that the Web Application server thinks that the connection is an identified network and thus I've been able to set it to Private Network (Work), but on the Firewall/Router it classes the connection to the Web Application server as unidentified Public.
Why would it do this? How can I fix it? What should I put in the (blank) space?
Thankfully the Web Application server is able to get an internet connection through RRAS's NAT on the Firewall/Router, so things appear to be configured correctly so far. Am I going about this the right way?
Thanks for any help or pointers.
UPDATE
Thanks to advice from Massimo and Sim, we've decided to get a switch. Now our configuration looks more like this...
Thanks again, folks. This has been (and will continue to be) a real learning experience.
This is the same question as "Windows 7, network connection with no default gateway: any way to change the “Unknown network” status?".
Short answer is: this is normal behavior. Unfortunately you won't be able to make the "unidentified network" message go away unless you specify a default gateway on the adapter. The specified gateway must respond to ARP requests (meaning: it must be alive).
To change the network location type you could try:
If you right click on Network List Manager Policies you can change the networks it displays from Connected Networks to Show All Networks.
Why did this happen? Possibly because the Web Application Server had the Router as its default gateway and hence could identify the network where as the Router didn't have enough information on the Web Application Server and defaulted it to the untrusted public type. Have a read of What settings does Windows use to determine network location?
This seems confusing to me because all the network interfaces are on the same 10.0.0.0/16 network.
I think you should have 4 separate networks for each line in your drawing, if you're insisting on not using hubs or switches. Otherwise you're going to have to put in a static route on your web server to your database server and vice-versa.