Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Configuration Confusion
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Configuration Confusion - 30.May2008 11:04:08 AM
|
|
|
Talderon
Posts: 2
Joined: 29.May2008
Status: offline
|
Hey all,
You'll have to forgive me if this is a real noob-ish question, but I've been thrown into needing to get ISA up and running, have books, read web sites and am still scratching my head here.
Here is my installation setup:
Server with 2 NICs
NIC1 Corporate Domain (this is NOT an Internet facing connection)
NIC2 Production Domain (this is NOT an Internet facing connection)
Server 2003 EE SP2 32bit
Hardware specs are a tad overkill (2xdual core procs and 16GB RAM) but it was what was given to me.
Ok, what I want is users from the Corporate Domain to be able to access web based tools that are in server in the Production Domain. Some users have accounts in the Prod domain, but more than likely not. I am aware of authentication issues and have that worked out, but what I need is the ISA server to act as the bridge so the web applications will be accessable from the Corp side.
Now, I read plenty of sites that told me that I should set up the WRT with persistant routes and get all this going, so I did what I read and all seemed well.
I installed ISA 2006 EE and applied the Edge Firewall template and see the Internal (Corpoate) with all the IPs, but I don't see anything for the Production side. I tried to add a new network with that NIC, but it told me IPs overlaped.
Also, the DNS name for the web tool, do I have that pointed at the ISA server?
Please let me know if you need more information. I hope this isn't too terribly confusing. :)
|
|
|
|
RE: Configuration Confusion - 30.May2008 11:16:54 AM
|
|
|
Talderon
Posts: 2
Joined: 29.May2008
Status: offline
|
Just as a side note... Whenever I install ISA (via Remote connection), apply a template and log off the server, I can never log back into it forcing me to have the server reimaged. I did verify that the remote administration section included the IP address that I installed from, but still have this issue.
I want this to be secure, but I think this is just overkill.
Oh, I can use the /console switch, and after I enter my user information, it sits at "Applying your personal settings..." and never gets past this. I have let it sit there for a couple days on this screen and it never seems to apply my settings all the way and let me have access to the server.
This common?
Thanks!
|
|
|
|
|
RE: Configuration Confusion - 30.May2008 2:05:49 PM
|
|
|
pwindell
Posts: 802
Joined: 12.Apr.2004
From: Taylorville, IL
Status: offline
|
1. AD Domains have no relationship to Nics, IP#s, or subnets.
ISA Nics are directly related to Nics, IP#s, or subnets.
So AD Domains are irrelevant as being defined "objects" for ISA
to protect.
2. I see no relevant reason or benefit for ISA to be in the position you have it in with the expectations you have for it. As a side note, I see not point in it being the Enterprise Editions,...you aren't creating Proxy Arrays with multiple ISA Server. The Ent Ed will still work, but it was a waste or extra money.
ISA's purpose is to be a Firewall that sits at the boundary of the LAN where it meets the Internet,...just like a PIX, ASA, SonicWall, etc would be.
ISA can also double as a LAN Router with a "routed relationship" between the Internal segments. This would imply 3 (or more) nics
1. External Internet facing nic
2. Internal facing Nic for Subnet #1
3. Internal facing Nic for Subnet #2
4. Three Network Definitions would exist
a. External (there by default)
b. Internal [Subnet #1] (there by default)
c. [user created name for Subnet #2] (you create this one)
Access Rules must be created to allow traffic between the Network Definitions (not the "Nics")
_____________________________
Phillip Windell
www.wandtv.com
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
