• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

ISA not routing traffic to webserver in DMZ Help pls!

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> DMZ >> ISA not routing traffic to webserver in DMZ Help pls! Page: [1]
Login
Message << Older Topic   Newer Topic >>
ISA not routing traffic to webserver in DMZ Help pls! - 10.Nov.2010 2:52:45 PM   
CJJ

 

Posts: 9
Joined: 22.Aug.2008
Status: offline
Running TMG 2010 SP1 with Update 1, I have created a NAT DMZ with the following configuration

Internal Nic:
IP 192.8.xxx.xxx
Subnet 255.255.254.0
DNS Set but no gateway

External Nic:
IP 173.xxx.xxx.217 and 173.xxx.xxx.215<-- Webserver external ip
Subnet 255.255.255.248
Gateway set with no DNS

DMZ Nic:
IP 192.168.xxx.1
Subnet 255.255.255.248
No dns and no gateway set

Whatís happening is when a request comes in from the internet it goes to localhost instead of the listener I created grabbing the request for http and forwarding it to my webserver in the DMZ at ip 192.168.xxx.2 , any idea what I would be overlooking or doing wrong ?
Post #: 1
RE: ISA not routing traffic to webserver in DMZ Help pls! - 8.Feb.2011 1:33:32 PM   
pwindell

 

Posts: 2244
Joined: 12.Apr.2004
From: Taylorville, IL
Status: offline
Internal:
1. Address Range is not a valid RFC Private Range
2. Subnet is overloaded. Should not go below /24,...meaning don't have subnets larger than 254 Hosts
3. For every 200 Hosts create a new /24bit segment and put a LAN Router between them.  The ISA can act as a LAN Router if you put yet another Nic into it, but ISA is not a full-featured LAN Router and cannot be expected to perform like one.

External:
Looks fine

DMZ:
Looks ok but the mask is a waste of time.  Just use a /24bit segment and forget it.  Just make sure it is not the same as any range that might potentially ever be used on the Internal side.

Fix these other things. Then we can look at the listener and publishing rule.

_____________________________

Phillip Windell

(in reply to CJJ)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> DMZ >> ISA not routing traffic to webserver in DMZ Help pls! Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts