...my email provider seems to be down atm so registering with Cnet can't be done, if I may ask some questions to you knowledgeable folk instead.

I'm running Vista on two machines in the house and want a setup that keeps PC1 connected to the internet and PC 2 is a standalone media server not connecting to the internet for fear of something going wrong with my personal data(photos etc.).

PC 2 is connected to it's own wireless router via ethernet cable and has an Xbox360 connected to the same router via ethernet cable making use of the Xbox's HD media playing capabilities, in-turn I manage that network from PC1 via remote desktop.

Problem is, on PC 1 I have two network interfaces, wireless Wan interface is connecting to the WWW and has a profile of 'Public' and wireless Lan interface with which I use to remote desktop to PC 2 has a profile of 'Private'. Once Vista recognises the Wan interface is gone live it superceeds my 'Private' profile and knocks off all network shares. If I try to turn on network shares whilst Wan is public and LLan is private Vista for som reason or another changes Wan to Private.

I have gone through all the firewall rules relating to the Public profile not allowing the obvious incase I need to set both interfaces to Private in order for Vista to allow Wan connection to WWW(with no network shares) and Lan to have network shares, but this is less than perfect.

I guess I need a way to select shares based on interface and not profile...any ideas please?

care to draw a picture?

MS paint?

How are you assigning the IP addresses on the two networks?

Windows and the routers are most likey defaulting to 192.168.0.1 networks and so as soon as you enable the second NIC you'll get a conflict and Windows won't be able to differentiate between the two.

IF this is what's happening, first thing you'll need to do is reconfigure the router connected to the internet to give out a different IP network to PC 1 on its "wan" NIC. Personally, just so you don't have to mess around with changing network masks on the other router, I would use 172.16.0.0 255.255.255.0, with 172.16.0.1 for the router and either static the PC 1 to 172.16.0.2 or let DHCP do it's thing.

Other than that, I have my doubts about Vista being able to handle more than one network, (given that it is a client OS not a server OS), but I could be wrong as I've never tried configuring it like that.

Unless that is you configure Vista to use ICS. That would be the normal way to achieve the kind of connectivity you have. But then PC 2 etc wouldn't be completely isolated from the "wan" network. To be honest they're not completey isolated even so. Anyone who manages to compromise PC1 will still be able to access the rest of the network that PC2 is connected to.

Hope that is of some help.


Did a bit of digging around. Would seem that you can't do what you want re separate profiles per NIC in Vista :

http://www.vistax64.com/vista- ... etworks-multiple-nic.html

...that link is very slow for me?

The Wan router is assigning addresses DHCP 192.168.xx and router 2 is manually assigned to the 10.42.43.xx range so no conflicts there. As I've said above I did go through the Windows firewall and only allow basic communication on the 'Public' side, according to the firewall is locked tight...but meh, I'm not convinced...while were here do you know of similar software like Zonealarm for Vista?

All would be hunkey dorey if Vista allowed me to assign profiles based on interface(maybe thats in the link but it's still loading...?)

E; and sorry, no there's no ICS enabled as I want no direct communication between WAN and LAN.

Quote from CSU1 :

...that link is very slow for me?

The Wan router is assigning addresses DHCP 192.168.xx and router 2 is manually assigned to the 10.42.43.xx range so no conflicts there. As I've said above I did go through the Windows firewall and only allow basic communication on the 'Public' side, according to the firewall is locked tight...but meh, I'm not convinced...while were here do you know of similar software like Zonealarm for Vista?

All would be hunkey dorey if Vista allowed me to assign profiles based on interface(maybe thats in the link but it's still loading...?)

E; and sorry, no there's no ICS enabled as I want no direct communication between WAN and LAN.

The link is to a forum post which I believe is a very similar issue to yours (except its not relating to the sharing aspect of your problem) about having the public and private profiles supercede each other. It's answered by someone that appears to be a MS employee. The answer basically states that the network profile is defined at a computer level not NIC level so what you're trying to achieve in that regard will never work.

I understand that you don't want your "lan" network exposed to your "wan" network, I only suggested ICS as a potential solution to having both networks accessable at the same time and then looking in to other ways of securing the "lan" network from the "wan" side.

In regards to Zonealarm. Well depends on what you are looking for exactly. There are plenty of commercially available internet protection suites around. However, if you're just looking for a free firewall try comodo :

http://www.comodo.com/home/dow ... ownload.php?prod=firewall

or others:

http://www.techsupportalert.com/best-free-firewall.htm

link deleted - was for Linux firewall boxes.

How well they deal with multiple networks I don't know. I used to use Sygate personal firewall which was configurable with advanced rules to deal with multiple networks but it's no longer available.

I'll look into ICS for now and thank you for your time and info.

... on another note I was trying to get iSCSI up and running instead of having the need for network shares with my current setup, I'm favouring this setup because without ICS the only interaction between the 'outside' and PC2 is me logging onto remote desktop, so in that regard the network is totally secured from the WWW.

But, whatever I try iSCSI just wont find any targets at the IP of PC2(not using Domains just work groups)...go figure it just does nothing and when I try to add or auto configure drives for use on the iSCSI server it just moans about "The device specified does not originate from an iSCSI disk or a persistant iSCSI login" , am I missing something, the help file shows no info on how to make a disk or drive originate from iSCSI other than telling you to press the auotconfigure button...

I better stick with ICS

Might be worth your while working your way through here:

http://windowshelp.microsoft.c ... ows/en-US/networking.mspx

Some pretty basic stuff in there but might be useful as a cross check to make sure everything is configured correctly.