Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Am i right using ISA with single NIC in this case
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Am i right using ISA with single NIC in this case - 4.Aug.2007 12:53:11 PM
|
|
|
Freekeko
Posts: 32
Joined: 6.Aug.2006
Status: offline
|
Hello All ,
Hope everything is ok :)
i'm going to install ISA 2006 with Single Netowrk Adapter behind firewall (Juniper)
i decide to do this cuz i dont need another firewall we just need to control internet traffic & monitor it .
i make all clients (SecureNAT) & do nothing on the Servers (DNS, Exchange , SQL) the gateway in the firewall
am i right in this decision , if yes or no what are the benefits & disadvantage of using ISA with Single NIC
can our company use it without any problems ??
thanks alot in advance
|
|
|
|
RE: Am i right using ISA with single NIC in this case - 4.Aug.2007 1:15:41 PM
|
|
|
elmajdal
Posts: 5060
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
|
quote:
ORIGINAL: Freekeko
am i right in this decision , if yes or no what are the benefits & disadvantage of using ISA with Single NIC
u will be loosing a high percent of ISA Server features when u r using it with a single NIC adapter
check this : http://support.microsoft.com/kb/838364
also this :
quote:
Configuring ISA Server with a Single Network Adapter Configuration
Problem: There are a number of issues associated with the configuration of ISA Server on a computer with a single network adapter.
Cause: The causes include:
•Multi-network firewall policy. In single network adapter mode, ISA Server recognizes itself (the Local Host network). Everything else is recognized as the Internal network. There is no concept of an External network. The Microsoft Firewall service and application filters operate only in the context of the Local Host network. (ISA Server protects itself no matter what network template is applied.) Because the Firewall service and application filters operate in the context of the Local Host network, you can use access rules to allow non-Web protocols to the ISA Server computer. This has implications for running applications located on the ISA Server computer.
•Application layer inspection. Application level filtering does not function, except for Web Proxy Filter for Hypertext Transfer Protocol (HTTP), Secure HTTP (HTTPS), and File Transfer Protocol (FTP) over HTTP.
•Server publishing. Server publishing is not supported. Because there is no separation of Internal and External networks, ISA Server cannot provide the NAT functionality required in a server publishing scenario.
•Firewall clients. The Firewall Client application handles requests from Winsock applications that use the Firewall service. In a single network adapter environment, this service is only available in the context of the Local Host network (protecting the ISA Server computer), and Firewall Client requests are not supported.
•SecureNAT clients. SecureNAT clients use ISA Server as a router to the Internet, and SecureNAT client requests are handled by the Firewall service. In a single network adapter environment, this service is only available in the context of the Local Host network (protecting the ISA Server computer), and SecureNAT client requests are not supported.
•Virtual private networking. Site-to-site virtual private networks (VPNs) are not supported in a single network adapter scenario. Remote client VPN access is supported in a single network adapter scenario.
source : http://www.microsoft.com/technet/isa/2004/plan/unsupportedconfigs.mspx
< Message edited by elmajdal -- 4.Aug.2007 1:19:08 PM >
_____________________________
Tarek Majdalani
MS Forefront Edge Security MVP
Website : http://www.elmajdal.net/ISAServer
New Section : http://www.elmajdal.net/Win2k8
|
|
|
|
|
RE: Am i right using ISA with single NIC in this case - 4.Aug.2007 4:06:10 PM
|
|
|
Freekeko
Posts: 32
Joined: 6.Aug.2006
Status: offline
|
thanks elmajdal for ur help , it seems i have to enable the other NIC
you know i have used 2 NIC but the big problem that frustrating me (Exchange Server)
everything is working fine Client with Web Proxy but i can't send or recieve email over exchange 2003
i applied all what microsoft notified in the following link except modify DNS (MX record)
any help please
|
|
|
|
|
RE: Am i right using ISA with single NIC in this case - 4.Aug.2007 7:52:23 PM
|
|
|
elmajdal
Posts: 5060
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
|
Where is ur mail server located to ISA Server ??
Internal , External ? DMZ ?
do u have a simple Network Diagram ?
_____________________________
Tarek Majdalani
MS Forefront Edge Security MVP
Website : http://www.elmajdal.net/ISAServer
New Section : http://www.elmajdal.net/Win2k8
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
