Solve the Problem of simultaneous access to the Intranet and Internet by dual Nic machines

(This article was previously reproduced on the Internet and has been modified. I will repeat it after my operations)

In the past, I installed a dual Nic on my computer (not a server) to facilitate the test. The dual Nic accesses two different networks but can access the Internet. Recently, in order to build and test a VPN, I connected one of the NICS to a small Intranet (that is, they cannot access the internet). Now I have a problem: I can only access that small Intranet, but cannot access the Internet, after reading a number of solutions, I think it is better to manually add routes and distinguish priorities.

The following are the system environment and solutions:

Intranet IP address of the Local Machine: 192.168.3.172 subnet mask: 255.255.255.0 Intranet Gateway: 192.168.3.240 (inaccessible to the Internet)

Local Internet IP Address: 192.168.1.199 subnet mask: 255.255.255.0 Intranet Gateway: 192.168.1.1 (accessible to the Internet)

Solution:

Open "run"> enter "cmd", and then enter the following command:

Route Delete 0.0.0.0 mask 0.0.0.0 192.168.3.240 # delete an intranet Gateway

Route change 0.0.0.0 mask 0.0.0.0 192.168.1.1 metric 2 # change the default priority of the Internet gateway to 2, 220.184.16.118 for the Internet IP Address

Route add 192.0.0.0 mask route 0.0.0 192.168.3.240 metric 1 # Add an intranet route entry and set the priority to 1

Now the Intranet and Internet can be accessed at the same time, but the problem persists. After the restart, these changes will become invalid and need to be reconfigured. If you write DOS batch processing, you can start it on your own when starting the instance. The following is my batch processing reference: (copy to notepad, change the gateway, and change the suffix. BAT)

@ Echo off

Route Delete 0.0.0.0 mask 0.0.0.0192.168.3.240

Route change 0.0.0.0 mask 0.0.0.0192.168.1.1 metric 2

Route add 192.0.0.0 mask route 0.0.0192.168.3.240 metric 1

It's easy.

In fact, there are also simpler methods, but the above method is suitable for testing or not commonly used dual NICs to implement Intranet and Internet, but the company does need to be fixed, which makes manual adjustment too much trouble.

Next we will introduce another method:

First, introduce the routing principle: Generally, the IP address of the Intranet Nic is set to the gateway address on the dual-nic machine, but only one of the Windows default gateways can be set. If the gateway is not connected to the Internet, the default gateway is the Intranet gateway, after the Internet is used, the gateway automatically changes to the IP address assigned by the Internet by default. You can use Route print to view the IP address. That is, all data streams are routed to the IP address of the Internet Nic, So that you cannot access the Intranet. You can use the route print command to view the routes at this time. It is not difficult to find that there are two route points starting from address 0.0.0.0 (0 can be regarded as a wildcard), one is the Intranet gateway and the other is the Internet IP address, the Internet IP address becomes the default gateway. Therefore, my idea is to use an intranet gateway to make the Intranet gateway a permanent route point and only filter the Intranet segment (IP data starting with 192) without changing the default gateway of the Internet, in this way, according to the priority, the data accessing the Intranet will go from the permanent route point, and other data will go from the default gateway of the Internet (except for the special address set in the route table), so as to achieve the goal. The specific method is as follows:
In the Intranet local connection property settings, remember the gateway IP address and delete the Intranet gateway. Run the CMD window and run the following command route-P add 192.0.0.0 mask route 0.0.0 192.168.3.240 (create a permanent route point. In this way, the Intranet can be accessed normally when the Internet is not connected. After the Internet is connected, the Intranet and the Internet can be accessed simultaneously.

Many enterprises now use the Intranet and Internet for security purposes. I hope the above information will help you.