• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Deployment Scenario (2)

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Misc.] >> Tom's ISA Firewall Blog Discussion >> Deployment Scenario (2) Page: [1]
Login
Message << Older Topic   Newer Topic >>
Deployment Scenario (2) - 25.Jan.2008 11:19:39 AM   
kateh

 

Posts: 16
Joined: 21.Nov.2007
Status: offline
Hi Tom,

Further to my deployment question,  can I ask whether it is feasible to connect to isa dmz's together via the internal/external ports?

i.e. ISA1 External points to ISA 2 Internal.

Many thanks
Kate
Post #: 1
RE: Deployment Scenario (2) - 26.Jan.2008 1:54:30 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Kate,

That sounds like a back to back DMZ -- is that what you want to create?

Thanks!
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to kateh)
Post #: 2
RE: Deployment Scenario (2) - 30.Jan.2008 5:01:38 AM   
kateh

 

Posts: 16
Joined: 21.Nov.2007
Status: offline
Hi Tom,

Thanks for coming back to me. 

I've looked at the back-to-back DMZ scenario however, it appears that the web server and apps server are on the same dmz.  I would like to split the web server and app server up - is this possible?

Many thanks
Kate

(in reply to tshinder)
Post #: 3
RE: Deployment Scenario (2) - 30.Jan.2008 12:49:08 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Which server is directly accessible from the Internet/

Thanks!
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to kateh)
Post #: 4
RE: Deployment Scenario (2) - 31.Jan.2008 3:56:29 AM   
kateh

 

Posts: 16
Joined: 21.Nov.2007
Status: offline
Hi Tom,

The web server is directly accessed from the internet.  Then we have our ISA between the web server and the internal network.  

Thanks
Kate

(in reply to tshinder)
Post #: 5
RE: Deployment Scenario (2) - 31.Jan.2008 11:23:18 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Kate,

OK, so the application server is on the Internal Network? What would the second ISA Firewall do in this scenario?

Thanks!
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to kateh)
Post #: 6
RE: Deployment Scenario (2) - 31.Jan.2008 11:51:16 AM   
kateh

 

Posts: 16
Joined: 21.Nov.2007
Status: offline
Hi Tom,

Well at present we have a trihomed dmz.  Would the 2nd ISA sit on the edge?

I'm sorry, I'm really new at this!

Regards
Kate

(in reply to tshinder)
Post #: 7
RE: Deployment Scenario (2) - 1.Feb.2008 6:59:50 AM   
kateh

 

Posts: 16
Joined: 21.Nov.2007
Status: offline
Hi Tom,

I'm going to setup a back to back dmz configuration with the app server and web server on the dmz segment.

As we already have the web server with a 1.49.xx.xx address on the trihomed dmz, we don't want to change to private addresses.   Can I just connect the app server to the network?

Thanks
Kate

(in reply to kateh)
Post #: 8
RE: Deployment Scenario (2) - 2.Feb.2008 1:28:25 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Kate,

You actually have two DMZs -- the one between the ISA Firewalls and the trihomed DMZ on the back end ISA firewall.

You can place the Web server in one DMZ and the app server in the other DMZ.

HTH,
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to kateh)
Post #: 9

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Misc.] >> Tom's ISA Firewall Blog Discussion >> Deployment Scenario (2) Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts