Dual Homed NIC

Why would you want to connect to separate two networks?

When you want to separate two networks from each other but would want to connect between them you would use two dissimilar network interface cards. One card would attach to network A and the other to network B. The computer is nicknamed a Dual Homed, so we have two NIC's that are called Dual Homed NIC's.

If you read this page it would come clear how I set up a proxy server with firewall for my business network.

I use two network cards one is on one network A with an IP range of say 10.10.10.01 through .254 (two hundred and fifty four connections, the numbers 0 and 255 are not usable in a network; they are reserved).

The second network card is on another IP range from say 162.198.1.1 through 162.198.1.254. Network B is connected to my router and then the internet.

The server that has the two network cards also has a program called a Proxy Server, a proxy server has programming that will connect from the 10. range to the 162. range using what are called rules, if say I want to connect to a web site on the www I would set my browser to connect to the gateway address on the server on Network A say 10.10.10.5 the web browser would lookup the IP address of the web site I want to connect to say 41.151.189.44 it would send a query to that address through the gateway, the proxy server would see the address the browser is trying to connect to is not a local address and send it on to the Network B which is connected to the router, the router would then send the query to the web site, the web site would respond and send the data back and the proxy server would send the data to the browser.

A long winded explanation but accurate as to how a computer behind a proxy server and two firewalls would be able to connect to the internet and the network behind them will be protected from attack by hackers.

I have a complicated but simple network for my business (see this page for an illustration of a DMZ) behind the router is another router, that router is connected to my proxy server, all three have a firewall. The proxy server is twin homed in that it connects to the inside router and to my internal network.

However I want to put my Web Server outside the second router and private network so I had to set it up in a DMZ (Digital Media Zone) that connects to my ISP router with out any firewall on the router interfering with traffic coming to the Web Server. I also want to be able to work on my web server remotely and still be behind the router and it's firewall so I set the web server up with twin homed nics. At first it was a pain to get the network cards configured so I could get straight out to the internet and then connect from behind my second router, the two firewalls. and the proxy server.

To keep the confusion at a minimum I setup the web server to private network first, I can connect and work on the computer remotely with out problems. Next I need to work on the firewall.

I want the firewall to block all but for types of connections to the router NIC:

Port 80 outbound/inbound for a web browser and the Microsoft Windows update service.

Ports for an email service inbound/outbound

Port 443 which is HTTPS for my web sites

On the private network NIC I open all the firewall ports I need to connect remotely and a few other service ports.

Setting up Dual Homed NICs is fairly straight forward.

It is the same for any nic with a static IP the only difference will be with the gateway and DNS addresses.

On the private network side I have a DNS service for the local network so that DNS address will only work for connection to the private network, if you do this you may not want to use a local DNS. Also if you use the local network gateway then you might not have access to the internet which defeats the purpose of having the Dual Homed NICs.

On the router side I have the other nic set for a DMZ with a static IP, I use the ISP DNS and the router's IP for the gateway.

I can connect out bound for web access and updates for the server OS, I have my business email working and at this time working on the  web sites.

I have the same setup for my business network with two firewalls and a proxy server for internet access from behind the firewalls.

And now my spiffy Server 2016 with IIS 10 has a Dual Homed NIC's and can talk to the internet...