I have one Windows 2003 server with two NICs, one on the internal Lan the the other to run our Public Wireless Network.
On our internal LAN the IP is 192.168.10.#. That Lan can access the Internet through its own gateway.
I have a virtual server running on the same server using a NIC with an IP of 192.168.103.#. It also can access the Internet through its own gateway.
Previously, I had the wireless running on a seperate Linux Box and I could NOT access the internal LAN. Unfortunately, since I moved that to the Windows server I can access the Internal Lan using Remote Desktops etc...
I do have a 5510 ASA device that both networks go through.
How can I block the wireless network from accessing the internal lan? I do need the internal Lan to be able to access the wireless Lan (Which it now can do).
Thanks in Advance
1. Windows Server with 2 NICS
A. NIC 1 with IP of 192.168.10.### VLAN for Internal Network
B. NIC 2 with IP of 192.168.103.5 connects to the 192.168.103.0 VLAN (Wireless)
2. VMWARE's Virtual Server runs on the Windows 2003 Box and Host Linux Proxy Server with an IP of 192.168.103.8
All wireless nodes use the proxy address of 192.168.103.8 to access the Internet.
Problem: Laptops connected to the wireless 192.168.103.0 network can Access the 192.168.10.0 network. I need the Laptops isolated from the 192.168.10.0 network.
Observation: When the Proxy Server was running on it's own box, wireless nodes could not access the 192.168.10.0 Vlan.
Pls correct my understanding here...
You have 2 Zones one is your secure internal network 192.168.10.x and the other one wireless which is 192.168.103.x.
Both the networks are connected to the firewall (ASA 5510) and also the server interfaces connecting to the firewall.
In this case we can put the secure internal network into inside network with high security level and the wireless network in DMZ1.
But whats the application which is being accessed by both internal and wireless zones. are they simply accessing internet or anything else?
After I installed the virtual server and connected it to the wireless Vlan. Next I got a laptop and signed on to the wireless network, just like the public would.
I started testing to make sure the two networks were isolated.
Specifically I tried to RDP into the secure server and I could RDP in. That is when I knew I had a problem, we don't want the public able to access out internal network.
I disconnected the wireless Vlan and powered up the stand alone server I was using, I could not RDP into the internal network. At that point I suspected something about the same server having 2 Nics on different networks must be the problem.