Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
ISA 2006 Ent NAT Problem
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
ISA 2006 Ent NAT Problem - 2.Apr.2008 2:34:10 AM
|
|
|
Subhasha_HL
Posts: 13
Joined: 2.Apr.2008
Status: offline
|
Hi,
I have intsalled ISA 2006 Enterprise edition. I have configured the client as NAT by providing ISA internal IP as Default GW and ISP DNS server. I Can't access the internet, but I can access internet if I use as a proxy client. I have not created any rule for NAT on ISA server(Using default NAT rule). Is there any rule needs to be created. How NAT to be configured.
|
|
|
|
RE: ISA 2006 Ent NAT Problem - 6.Apr.2008 1:54:08 PM
|
|
|
DarkJedi
Posts: 6
Joined: 6.Apr.2008
Status: offline
|
Hi there.
By default ISA have natting enabled between internal and external networks, it would be a good idea to check that. Check the network rules under netork objects.
Other thing, have you created and access rule for the clients to access the internet? Most probable is tat the ISA Default rule is dropping your communication when you use the firewall client the tcp packets go tagged with your user name, wich means that the access ule can e set to specific users.
When you set the ISA as your default gateway (SecureNAT) the packets doesnt have that tag and arrives to the ISA server as annonymus user. So you would have to set up a rule allowing those users to access the internet or you can define the client IP address and set the rule specific to that machine.
Hope it helped.
|
|
|
|
|
RE: ISA 2006 Ent NAT Problem - 11.Apr.2008 5:49:04 AM
|
|
|
Subhasha_HL
Posts: 13
Joined: 2.Apr.2008
Status: offline
|
Hi,
I have created a firewall rule to allow DNS and internet access to allusers from internal to external.. I have movedt o top these two rules.I cannot ping external dns server from client. I have no clues why I am not able to access internet. Through proxy it works !.
|
|
|
|
|
RE: ISA 2006 Ent NAT Problem - 11.Apr.2008 9:57:19 AM
|
|
|
DarkJedi
Posts: 6
Joined: 6.Apr.2008
Status: offline
|
hi,
How are your rules created in the users field???
Try this, set the policy for All Users and in the from specify the IP's you want to access the internet....
Let me know how it went.
|
|
|
|
|
RE: ISA 2006 Ent NAT Problem - 12.Apr.2008 2:50:40 AM
|
|
|
Subhasha_HL
Posts: 13
Joined: 2.Apr.2008
Status: offline
|
Hi,
I have created for allusers only. I tried by creating whole network and all users also but no use. I have given ISP DNS Server. I have created DNS rule also. I can't ping DNS server.
GW as ISA server IP address.
Regards,
Subhasha H.L
|
|
|
|
|
RE: ISA 2006 Ent NAT Problem - 19.Apr.2008 4:56:16 PM
|
|
|
DarkJedi
Posts: 6
Joined: 6.Apr.2008
Status: offline
|
I will need a topology to explain better what is going on.
Try the following, perhaps it will give you a better view of what is going on:
- Don't test using ping to the DNS, use nslookup and see if you can resolve the names.
- Check the monitoring of the ISA server while you try to navigate, this will help you determine where your rule is getting blocked.
- Make sure the ISA can access DNS and can access the web sites you are trying to get.
You can also disable the Web Proxy Filter but if your installation is new and made by default this doesnt block all the traffic.
I hope this helps. I can check the problem if i get to understand the network topology you have.
< Message edited by DarkJedi -- 19.Apr.2008 4:57:26 PM >
|
|
|
|
|
RE: ISA 2006 Ent NAT Problem - 23.Apr.2008 12:52:50 AM
|
|
|
Subhasha_HL
Posts: 13
Joined: 2.Apr.2008
Status: offline
|
Yes, you are right. Topology used is 3-leg Perimeter. I analysed the log. The external IP(ISP) range was in perimeter !. My intentuion was to test web server hosting. But it has taken many IP ranges. Can I remove non perimeter IP address ?.
Thank you.
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
