Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
[noob] Front firewall with Sonic behind - routing help
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
[noob] Front firewall with Sonic behind - routing help - 27.Oct.2008 12:57:44 PM
|
|
|
ipgisa
Posts: 2
Joined: 17.Oct.2008
Status: offline
|
Hi,
I am setting up an ISA2006 as the front firewall with a Sonic hardware firewall behind it. I can't use ISA as a back firewall because the Sonic has dual ISP connections and I can only have one gateway. I've configured my ISA external NIC with a valid static IP and gateway (no DNS) and the perimeter NIC with a private IP, no gateway and DNS. The perimeter NIC is in the perimeter network so a different network from my internal DNS servers on the LAN. What, if any, static routes do I need to add to make sure I can publish the external IP of the SONIC that has NAT'd servers behind it? Or is this completely backwards? Thanks
SONIC external 192.168.42.2
ISA perimeter 192.168.42.1
ISA external x.z.y.1
Perimeter network 192.168.42.*
LAN 192.168.43.*
INTERNET1 INTERNET2
|| ||
ISA ||
|| ||
SONIC========
||
LAN
|
|
|
|
|
RE: [noob] Front firewall with Sonic behind - routing help - 29.Oct.2008 8:09:25 AM
|
|
|
tshinder
Posts: 47644
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Put the Sonic Wall in front of the ISA firewall.
Then configure the ISA firewall to use the LAN interface of the Sonicwall as its default gateway.
HTH,
Tom
_____________________________
Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/
GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
|
|
|
|
|
RE: [noob] Front firewall with Sonic behind - routing help - 29.Oct.2008 2:19:28 PM
|
|
|
ipgisa
Posts: 2
Joined: 17.Oct.2008
Status: offline
|
Hi,
Actually I would very much like to do that, but I have a site-site VPN between the Sonic and another Sonic on the INTERNET2 connection. I do not know if I can connect the remote Sonic VPN through the local Sonic VPN to the ISA server which is what would have to happen. The Sonics do not support PPTP so it would have to be IPsec pass through of some sort.
Thanks
|
|
|
|
|
RE: [noob] Front firewall with Sonic behind - routing help - 4.Nov.2008 7:28:37 AM
|
|
|
tshinder
Posts: 47644
Joined: 10.Jan.2001
From: Texas
Status: offline
|
You can still terminate the site to site VPN on the sonicwall in front of the ISA firewall. I did an article about a year ago on how to do this.
HTH,
Tom
_____________________________
Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/
GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
