Cisco Support Community
Community Member

3 NIC in a Server and Routing

I have in my environment



Internet -

On the cards in my fw, I have configured

E01 – - LAN

E02 – - DMZ

E03 – - Internet

The cards are connected to the switch in different vlans.

I also have servers in the DMZ

The Mail and ProxyServer has 2 network card each


DMZ Address is


LAN Address is


DMZ Address is


LAN Address is

Do these devices need 2 card or can I just use one card and put it in the DMZ network

I intend to put a default route (gateway of last router) on the router/switch ( where the devices are connected as

On the router I will have via

The default gateway on all PCs is this router and I dont want to change this.


1. How do I get my users to get to the servers (Proxy and Exchange) in the DMZ zone via the router?

2. On the Router, do I need to put in static routes like the following via so that when users request for the Mail servers, they get sent to the FW.

As I dont really want to change the addresses we have been using on the LAN, do I still continue with the 2 NIC in the MailServer,

In short how do I get the routing up and running?

Thanks for your help

Community Member

Re: 3 NIC in a Server and Routing

I don’t think your Mail and Proxy servers need two NIC cards. Essentially, the only thing needed in the scenario you described is to make sure that the LAN default gateway (the router connected to the LAN and the DMZ) is forwarding the IP ports that the proxy server is using, and the ports that Exchange is using.

The exact ports numbers you have to make sure go through will depend on the software setup, I know that a lot of proxy servers will use 1080 TCP, and depending on how the clients access Exchange you’ll have to configure the LAN gateway to pass things like Kerberos, NetBIOS, the Location Store, etc. You’ll have to check with the software venders to see what ports they use.

Since the LAN gateway router is directly connected to the DMZ, you shouldn’t need a static route – you need to make sure that the firewall forwards the traffic addressed to the proxy and mail server – that comes from the LAN.

John Olavesen

Cisco Systems

CreatePlease to create content