Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Perimeter Problems

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> DMZ >> Perimeter Problems Page: [1]
Login
Message << Older Topic   Newer Topic >>
Perimeter Problems - 25.Jun.2004 4:40:00 AM   
mdframe

 

Posts: 14
Joined: 29.Apr.2004
From: Richmond, VA
Status: offline 		I have a 3-legged system setup. My ISA Server can ping the server I have in the DMZ but the server in the DMZ cannot ping the ISA server nor go anywhere or see anything. Anyone have any idead on this? I have the rule set to route between the two.

Also I cannot get to the interenet from the ISA Server. So far the only thing working is the internal network can browse the internet and that's it. I am having so much difficulty with the DMZ and VPN that I feel as though I must not be able to read as I have read the articles about these topics over and over again. I have to be missing something. Can anyone help here as well?

Thanks,

Matt
Post #: 1
RE: Perimeter Problems - 25.Jun.2004 5:06:00 PM   
tshinder

 

Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline 		Hi Matt,

You can't ping the ISA firewall because it protects itself. No more Nachi-like ping DoS woes! [Big Grin]

In order to browse from the firewall (which you should never do, because of the security risks inhernet in doing so), you need to create a rule that allows the Local Host network access to the Desitnation Network, which is the External network in this case.

For some great docs on ISA 2004 configs, check out this cool stuff I did for ISA 2004 firewalls:

http://www.msfirewall.org/isa2004kits.htm

HTH,
Tom

(in reply to mdframe)
Post #: 2
RE: Perimeter Problems - 28.Jun.2004 9:23:00 PM   
mdframe

 

Posts: 14
Joined: 29.Apr.2004
From: Richmond, VA
Status: offline 		Tom,

Again thanks for the information.

As I had said earlier this is my first experience with ISA Server and I think I may be starting to understand some items now that I have been working with it for a few hours.

I finally figured out, I believe, that just because you setup network rules does not mean that access between these networks is available. I found that you must also create a firewall policy and then things start clicking. Please let me know if I have a misunderstanding about this.

Thanks again,

Matt

(in reply to mdframe)
Post #: 3
RE: Perimeter Problems - 29.Jun.2004 1:31:00 PM   
tshinder

 

Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline 		Hi Matt,

You got it! Network Rules create the route relationship between the networks, but in order to control traffic, you need to create access rules.

HTH,
Tom

(in reply to mdframe)
Post #: 4

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> DMZ >> Perimeter Problems Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts