Welcome to ISAserver.org

NIC configuration

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA 2006 Firewall] >> DMZ >> NIC configuration

Page: [1]

Message

<< Older Topic Newer Topic >>

NIC configuration - 13.May2008 8:51:05 AM

teejayuu

Posts: 32
Joined: 7.May2008
Status: offline

Hi

I am new to ISA Server and have a quick request for information. I have a server that will be used as an Edge firewall with a DMZ. I am not sure of the NIC setting for the DMZ. My current setup on the ISAServer is:
External Interface
IP x.x.42.162
SM 255.255.225.224
Internal Interface
IP 10.1.1.2
SM 255.255.255.0
DMZ Interface
IP 172.16.1.1

Is this correct?

Thanks
Tony

Post #: 1

Featured Links*

RE: NIC configuration - 10.Jun.2008 4:43:58 AM

HePa

Posts: 135
Joined: 9.May2008
From: Sweden, Gothenburg
Status: offline

It looks fine but you don't have any subnetmask on your DMZ NIC within the configuration you wrote down. Don't forget to configure network relationships and network rules between the networks if you want to let traffic pass through the networks.

_____________________________

Henrik Parkkinen

(in reply to teejayuu)

Post #: 2

RE: NIC configuration - 10.Jun.2008 4:50:08 AM

Jason Jones

Posts: 1750
Joined: 30.Jul.2002
From: United Kingdom
Status: offline

The key thing to remember is that onlt the external interface should have a default gateway - if yo uneed internal routes, you need to add these as persistent static routes on the ISA Server which use the internal interface.

Also, only the internal interface should have DNS defined, and this should point to an internal DNS servers which are configured to forward requests to the Internet.

This is the model I normally follow:

External Network

Default Gateway should be defined
DNS Servers should not be defined
Register this connection's address in DNS � Disabled
File and Print Sharing for Microsoft Networks � Disabled
Client for Microsoft Networks � Disabled
NetBIOS over TCP/IP � Disabled
Show icon in notification area when connected - Enabled

Perimeter Network(s)

Default Gateway should not be defined
DNS Servers should not be defined
Register this connection's address in DNS � Disabled
File and Print Sharing for Microsoft Networks � Disabled
Client for Microsoft Networks � Disabled
NetBIOS over TCP/IP � Disabled
Show icon in notification area when connected - Enabled

Internal Network

Default Gateway should not be defined.
DNS Servers should be defined.
Register this connection's address in DNS � Enabled
File and Print Sharing for Microsoft Networks � Disabled
Client for Microsoft Networks � Enabled
NetBIOS over TCP/IP � Enabled
Show icon in notification area when connected - Enabled

Edit the network bind order as follows:

Internal Network (Highest)
Perimeter Network(s)
�Others�
External Network (Lowest)

Cheers

JJ

< Message edited by Jason Jones -- 10.Jun.2008 4:51:46 AM >

_____________________________

Jason Jones
Silversands Ltd
http://www.silversands.co.uk
View My Blog: http://blog.msfirewall.org.uk/

Get Our NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8

(in reply to HePa)

Post #: 3

RE: NIC configuration - 16.Jun.2008 3:10:22 AM