Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Multiple Networks one External.

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> Network Infrastructure >> Multiple Networks one External. Page: [1]
Login
Message << Older Topic   Newer Topic >>
Multiple Networks one External. - 2.Oct.2007 12:37:53 AM   
sgoethals

 

Posts: 11
Joined: 27.Oct.2003
From: Australia
Status: offline 		I need to help a) whether I am doing it right b) how to do it.

I have been using ISA 2004 for awhile now and have two primary internal networks for the school i work for Curriculum Network and Admin Network completely seperate domains not belonging to same forest but in seperate ones.  I use 3 Nics on ISA one to Admin, one to Curriculum and one to Internet.

Administration is basic flat network, Curriculum however is made up of 25+ Vlans for seperate wireless servers and clients computers in buildings, with a 3560 Cisco Router routing everything together.  The ISA box sits on a Vlan on it's own seperated from everything with a persistent route to all the VLANS.

I want to create in ISA seperate Networks for each VLAN so that I can put different scenarios together for example Authentication on for student computers, but not teaching wirless vlan.  I have put in persistent routes for each VLAN instead of a route for the whole lot.

What I am doing with failure at the moment is taking one VLAN out of the internal network creating a new network for it and trying to make the same rules for access to the internet and ISA.  Complete failure obviously because it is not in the same network as the ISA box.  My Internal Network which I have setup as curriculum not the default includes all the ranges for the Vlans including the ISA box.  So when I start to seperate out the vlans it fails.

What network infrastructure do I need to create for the ISA box being able to communicate with all the seperate VLANs as networks.
Post #: 1
RE: Multiple Networks one External. - 3.Oct.2007 8:53:19 AM   
enricoklein

 

Posts: 49
Joined: 8.Mar.2005
From: netherlands
Status: offline 		Hi,

A network in ISA should consist of all IP address ranges that are routable through that NIC. So the Curriculum network must contain all the IP ranges from all the different VLAN's that exist behind that NIC.
To allow more granular control over what goes to a specific VLAN you should setup address ranges or subnet objects using the toolbox in the firewall policy node.

Hope this clears things up.

Regards,
Enrico

(in reply to sgoethals)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> Network Infrastructure >> Multiple Networks one External. Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts