Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

ISA 2004 Interface Conflict

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> DMZ >> ISA 2004 Interface Conflict Page: [1]
Login
Message << Older Topic   Newer Topic >>
ISA 2004 Interface Conflict - 8.Sep.2006 6:15:07 PM   
vzayarni

 

Posts: 2
Joined: 8.Sep.2006
Status: offline 		ISA 2004, 2 Interfaces:
Int 1 is on local subnet 192.168.0.0 with the default gateway
Int 2 is on remote 170.46.0.0 subnet and is directly (cross over) connected to the router that provides access to our parent company's web resources.
Here is the problem!
If I have both interfaces enabled web browsing through ISA stops working. As soon as I disable Int 2 - web browsing starts working.
I've tried adding a static route for 170.46.0.0 and that did not help, did all normal ISA stuff, like networks,netwrok rules,access policies - did not help.
Any help will be greatly appreciated!
Thanks in advance!
Post #: 1
RE: ISA 2004 Interface Conflict - 8.Sep.2006 8:47:09 PM   
spouseele

 

Posts: 12782
Joined: 1.Jun.2001
From: Belgium
Status: offline 		Hi vzayarni,

assuming that 'Int 1' is you internal network then the default gateway is misconfigured! The default gateway should be configured *only* on the interface facing the external network. In your case I assume on 'Int 2'. No default gateway should be configured on *any* other interface.

HTH,
Stefaan 

(in reply to vzayarni)
Post #: 2
RE: ISA 2004 Interface Conflict - 8.Sep.2006 9:27:18 PM   
vzayarni

 

Posts: 2
Joined: 8.Sep.2006
Status: offline 		Thank you for getting back to me!
ISA 2004 server is behind PIX firewall and PIX allows direct access from ISA to the internet.
Int 2 is more like "DMZ" network in our case and we need only limited access to the resources in there. All internet access is done through Int 1 with the default gateway set to point to the internal IP and it is working just fine.
But anyway - What would you recommend?
Thanks!

(in reply to spouseele)
Post #: 3
RE: ISA 2004 Interface Conflict - 8.Sep.2006 9:35:00 PM   
spouseele

 

Posts: 12782
Joined: 1.Jun.2001
From: Belgium
Status: offline 		Hi vzayarni,

please provide us *exact* information about your network configuration. A little diagram with IP addresses can tell more than thousands words.
In any case, the default gateway should be configured *only* on the interface facing the Internet and that can't be you internal network!

HTH,
Stefaan

(in reply to vzayarni)
Post #: 4

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> DMZ >> ISA 2004 Interface Conflict Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts