Adding an extra IP to a Windows 2008 server (Source IP problem)

Peter Lorenzen

An Apache http server does not support more than one SSL virtual host on the same IP address and port. So if you want to host two Internet domains on the same server and they both use SSL on port 443 then you must use two IP-addresses.

You can read more about this here.

Because of this you sometimes have to add an extra IP to an server/NIC. On a Windows server this can easily be done via Control panel => Network => Properties etc. This works the same on XP, Vista and 2008.

This works fine. But if you have to access other servers/services from the Windows 2008 server through a firewall you might have a problem since the source IP has changed. I would have expected the source IP to stay unchanged but this is not the case. Sometimes it will be set to one of the new IP-addresses you have added. You can read more about it here.

There is an easy fix though. Remove the IP addresses again and add them with the netsh command. Here you can use a parameter that will prevent the IP-address from being used as a source address (skipassource).

Here is an example:

# Add IP
netsh int ipv4 add address name="Local Area Connection 1" addr=
 mask= skipassource=true

Here are a couple of other commands that are nice to know:

# List ip addresses
netsh int ipv4 show ipaddresses level=verbose

# Delete IP
netsh int ipv4 delete address "Local Area Connection 1"

Leave a Comment

Previous post:

Next post: