Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Internal to DMZ problem

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> DMZ >> Internal to DMZ problem Page: [1]
Login
Message << Older Topic   Newer Topic >>
Internal to DMZ problem - 16.Jul.2008 4:57:56 AM   
BjarneSkov

 

Posts: 2
Joined: 16.Jul.2008
Status: offline 		Hi, I am a newbie trying to configure my ISA firewall.
I have set it up as an backend firewall. (10.16.31.200 (internal)) (192.168.100.2 (External))
I have a webserver (192.168.100.10) in the DMZ
I have another firewall as frontend firewall (192,168,100,1(internal))

Even wenn I allow all I can't ping the webserver. I can ping it from the ISA server not not from the Internal network.

I expect it is at route problem but not sure.

Thanks

Bjanre
Post #: 1
RE: Internal to DMZ problem - 16.Jul.2008 7:47:27 AM   
IanC

 

Posts: 161
Joined: 11.Jul.2007
From: UK
Status: offline 		Hi Bjanre,

It depends on the network relationship you have between the Internal and external networks.  If it's NAT, you just need a route (or default gateway) on the internal computers that points to ISA server's internal ip address (10.16.31.200).  If it's ROUTE, you also need to add to the Web server's routing table a route back to the 10.16.31.0 network.  This route uses the gateway 192.168.100.2.

Remove the Open All rule and just allow the protocols you need.

Ian

_____________________________

Ian Currie

http://www.curriecomputing.com

(in reply to BjarneSkov)
Post #: 2
RE: Internal to DMZ problem - 16.Jul.2008 8:30:16 AM   
BjarneSkov

 

Posts: 2
Joined: 16.Jul.2008
Status: offline 		 Thanks.
I am using NAT, and my gateway was the right one, but you put me on the correct paht..
I had a network rules like this:
Name                   Relation       Source        Destination
Internet Access      NAT             Internal         External

I put in a network rule like this:
Name                   Relation       Source        Destination
DMZ Access        NAT              Internal        DMZ

Hope thats an OK solution?

Thanks a lot for a quick answer

(in reply to BjarneSkov)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> DMZ >> Internal to DMZ problem Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts