How do I point my browser to a specific NIC on my machine

I am on a local area network that has no external access to the internet. However I have been tasked to find a way to allow certain machines to access the web (HTTP, HTTPS, etc) via a wireless card on their laptop. So my question is, is there a way to tell the browser which NIC it should be using. Such as setting up IE for the local LAN, and say FireFox for the WAN? The browser setup doesn't really matter all that much just that one browser is LAN only and one browser is WAN only.


It's rather question of routing. Default route through WiFi, while route with your local LAN mask through Ethernet.

Assuming, that WiFi card has IP 12.34.56.78 and Eth card 192.168.1.123 you'd have routing table something like:

Network Address   Netmask          Gateway Address  Interface       Metric
0.0.0.0           0.0.0.0          12.34.56.1       12.34.56.78     1
192.168.1.0       255.255.255.0    192.168.1.1      192.168.1.123   1

See MS KB article on basic routing.


What kind of environment are we talking about? The problem here is introducing an internet connected host practically bridged into your isolated local network. I doubt finding a way to access the internet included uncontrolled access from those machines across both networks at the same time?

If the wifi-connected clients gets compromised or even just slightly misconfigured you'd open up the entire local network for grabs depending on its configuration (do you use domain isolation and require ipsec and isolate all clients from eachother?).

It sounds better to just set up a firewall (and/or a proxy as suggested) on the local network that allow whatever http traffic you need for the specific clients only. That way you're still in control.

But if not, then I'd simply disconnect the client from the local network and only use the internet-facing wifi when needed - with no local network access available. That'd feel a tiny bit more secure if it was me anyway. The local client firewall could be configured to lock things down when not connected to the domain/local network. It's still scary though ^^