Welcome to ISAserver.org

ISA 2 NIC with Router

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA Server 2004 Firewall] >> General >> ISA 2 NIC with Router

Page: [1]

Message

<< Older Topic Newer Topic >>

ISA 2 NIC with Router - 26.Sep.2008 1:52:32 AM

adgroup

Posts: 130
Joined: 11.May2006
Status: offline

hi

IS there any way that we can use ISA 2004 with two NICS in such a away that all filteration is to done at ISA. Secondly we have Cisco Router in front of ISA, Which is used for VPN Connectivity between branch offices.

LAN----ISA1st NIC---ISA 2nd NIC-------Router with adsl for VPN---internet

clients are configured with FIREWALL CLIENT, SECURE NAT, and WEB PROXY.
CLients default gateway is the 1st interface IP of ISA.

LOCAL LAN Settings

IP addresses: 10.1.1.x
SM                  255.0.0.0
Default Gateway    10.1.1.1
DNS                    10.1.1.20

ISA Settings 1st NIC.
IP                            10.1.1.1
S.M                         255.0.0.0
Default Gateway        Blank
Primary DNS             10.1.1.20               (Local DNS)

ISA Settings 2nd NIC

IP                             192.168.0.2
SM                           255.255.255.0
Default Gateway        192.168.0.10             (IP address of Router)
DNS                          202.x.x.x               (ISP DNS)

NOTE: I have only one LIVE IP.

DSL is connected on router.and it works properly.all client computers can browse internet properly.

ISSUE:
We have created a site to site VPN using CISCO router 2811.As you know we have to define the SOURCE and DESTINATION IP Subnets in VPN creation.NOw Clients default gateway is pointing to the internal NIC of ISA..and the ISA's 2nd NIC DEfault gateway is pointing to the Router. So how can i Make the traffic to pass through ISA and then forwards to ROuter.

1.) Important point is that when ever ISA forwards the traffic it uses 192.168.0.2 as the source address because interface is able to connect to Router. So when router receives the traffic from the source 192.168.0.2 it never creates a VPN, because we have defined that vpn should be created once router receives the traffic from 10.1.1.x subnet.
2.) If i use single NIC in ISA (Which is not recommended).In this case only 1 NIC and default gateway is pointing to Router (Now router ip address will be 10.1.1.100).

GOAL:
1.) I want that VPN shuold be connected using Cisco Router.in VPN source should be 10.0.0.x
2.) All filteration and websites restrictions should be done by ISA.

How can i use TWO nics in ISA to accomplish these tasks ?

Any Help ?

ADG

Post #: 1

Featured Links*

RE: ISA 2 NIC with Router - 26.Sep.2008 9:49:24 AM

pwindell

Posts: 782
Joined: 12.Apr.2004
From: Taylorville, IL
Status: offline

Please don't post the same question under multiple threads. It will just confuse everybody. Stay in one thread.

_____________________________

Phillip Windell
www.wandtv.com

(in reply to adgroup)

Post #: 2

RE: ISA 2 NIC with Router - 27.Sep.2008 12:50:06 AM

adgroup

Posts: 130
Joined: 11.May2006
Status: offline

hi
Yeah I know i am doing mistakes
But is it something very difficult which I want to do in ISA ? ok lets finalize it..please confirm me do I need two NICs in ISA or it will work smoothly with one NIC.

ADG

(in reply to adgroup)

Post #: 3