Welcome to ISAserver.org


Network behind a network

Network behind a network - 7.Mar.2008 12:40:31 AM   
tperachio

 

Posts: 6
Joined: 4.Jul.2006
Status: offline
I recently posted to this site in Feb about this same subject. I read all the info I could find about this subject. I am going to try and explain as best as I can, as I am unable to accomplish what I need to do.

We recently installed an MPLS link between our Corp office and our site in the Philippines. Our network is set up as follows:

Running ISA 2006 Standard as an edge firewall, it has 2 NICs, 1 internal and 1 external. Everything is working fine, but now that we just installed the MPLS link I need to create a network behind a network. Our internal network is set up as 10.0.0.0, used for all static assigned addresses such as servers; 10.0.1.0 is used to assign network printers; and 10.0.2.0 is used for clients that are assigned by an internal DHCP server. The internal NIC of ISA is 10.0.0.4. Our location in the Philippines network is 192.168.2.0 and the router IP is 192.168.2.1, which then connects to a router at the corp which is assigned an IP of 10.0.0.1, an address associated with our internal network.

What I have done to add this network: I added a route as such, "route add 192.168.2.0 mask 255.255.255.0 10.0.0.1". I then added the address range 192.168.2.0 - 192.168.2.255 to the internal network on the ISA server in the address tab. I then added 2 route relationships in the network rules tab, "from Philippines to corp and another from corp to Philippines". I created in the toolbox 2 sets of address ranges to use as source and destination.

I did create some access rules in the firewall policy. I am able to ping in both directions. I also created a rule to allow RDP into the subnet, which works. When I was connected to a PC in the subnet I tried to connect to a file server share on our corp network by typing in the FQDN of the server and share as such, \\server\share, and the firewall log said that it denied the connection because of unidentified IP traffic. I also created an access rule to open a port to access an external site, for which I also get denied connections because of unidentified IP traffic. What I need to do is allow the remote location to access all services on our internal network, and I am not sure how to do this as I have become very confused. Please help.
Post #: 1
RE: Network behind a network - 8.Mar.2008 7:55:52 AM   
tperachio

 

Posts: 6
Joined: 4.Jul.2006
Status: offline
Disregard this post; the problem was not with my ISA server. My ISP provider was not routing the traffic correctly.

(in reply to tperachio)
Post #: 2
RE: Network behind a network - 9.Mar.2008 4:06:56 PM   
elmajdal

 

Posts: 5071
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
Hi,

Glad that you sorted it out, and thanks for the follow up.

Tarek

_____________________________

Tarek Majdalani

MS Forefront Edge Security MVP
Website : http://www.elmajdal.net/ISAServer
New Section : http://www.elmajdal.net/Win2k8

(in reply to tperachio)
Post #: 3
