none
Sending Network Traffic Between two NICs without using NAT RRS feed

  • שאלה

  • Hello,

    We have the following setup:

    PC1 - Private Network, running proprietary streaming software.

    PC2 - Right now this is Server 2016, but I would prefer that it was Windows 10 if that is possible.  This PC has two NICs, one on the Private Network (same as PC1) and one on the House (or Public) network.

    Laptop - On House Network, running intranet page that views the streaming video from PC1.

    If PC1 and Laptop are on the same network (i.e both on the house) I have not problem streaming the video.  However, I am trying to find a way to put PC1 behind PC2 for security reasons.  In my first attempt at this, PC2 was running Server 2016 and I enabled RRAS and setup an NAT.  The problem I have with that, is that our streaming software doesn't play nice with NATs and the UDP traffic does not get to the Laptop.  I am trying to avoid having the engineers here have to re-write the streaming software to be able to get through NATs.

    So my question is, does anyone know of any other way on a Windows 10 or Windows Server 2016 system to route traffic from one NIC to another on separate VLANs that would allow UDP traffic to flow through?

    Also, the other piece of this is that I would like to allow traffic from the House network to the Private network but only on specific Ports.  So I would be looking for a way to specify that.

    Here is a quick drawing to show what we are doing:

    Any help or thoughts on how to do this would be greatly appreciated.

    Thanks!

    יום שישי 27 ספטמבר 2019 18:50

כל התגובות

  • Hi,

    Thanks for your question.

    This is a quick note to let you know that I am currently performing research on this issue and will get back to you as soon as possible. I appreciate your patience.

    If you have any updates during this process, please feel free to let me know.

    Best regards,

    Michael


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com


    יום שני 30 ספטמבר 2019 09:51
  • Hello ismpearson,

    Your text mentions 3 devices (PC1, PC2 (currently Server 2016) and Laptop) but the picture shows 4 devices (PC, Server, Laptop, Gateway Device).

    Is the "Gateway Device" PC2?

    What aspect of the use of UDP by your streaming software doesn't play nicely with NAT? Does it use dynamically assigned UDP port numbers? Without knowing details of this aspect of the behaviour, all that one can do is rule out any type of "NAT" like approach.

    One could use a VPN from the Laptop to the "Gateway Device" - this would protect PC1 from unauthorized access from the public network. It would not constrain the ports on PC1 that could be accessed from VPN authenticated clients, but Windows Firewall on PC1 would probably be adequate for that task.

    Gary

    יום שלישי 01 אוקטובר 2019 09:33
  • Hi,

    Just want to confirm the current situations.

    You can use dual NICs for connecting a computer to different VLANs, however, having a default gateway configured on both interfaces, doesn't make a lot of sense, from a networking perspective.

    The default gateway is only used by the computer to figure out where to send the packet to if the destination address or a route to the segment is not listed in the local routing table of the computer.

    If there are multiple routers (gateways) available for the computer that has more than one NIC, you could use the ROUTE command to tell the computer which interface you want the packets to leave from.  Its a bit hard to explain without having more information about your network layout.

    We can refer to this blog to see if it helps.

    How IP Packets are Routed on a Local Area Network

    http://www.anitkb.com/2010/06/how-ip-packets-are-routed-on-local-area.html

    Hope this helps.

    Highly appreciate your effort and time. If you have any question or concern, please feel free to let me know.

    Best regards,

    Michael


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    יום שלישי 08 אוקטובר 2019 09:58