Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Two NICs on same network

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> Network Infrastructure >> Two NICs on same network Page: [1]
Login
Message << Older Topic   Newer Topic >>
Two NICs on same network - 19.Aug.2008 9:03:14 PM   
macARFA

 

Posts: 1
Joined: 19.Aug.2008
Status: offline 		I have an ISA server with two NICs that is to provide web proxy for Exchange 2003 OWA and port forwarding for Blackberry services. The issue I am facing is that the two NICs are on the same network which sits between two firewalls, Pix and an ASA. I have tried setting it up ISA using two network scenarios, edge and front firewall but neither work.
 
Scenario #1 (Edge Firewall)
The ISA server drop packets because it doesn’t know how to route the data.
 
Scenario #2 (Front firewall),
When I create the web listener it tells me that ISA is single NIC scenario and that the External network is equal to the Internal (or perimeter) network.
 
In scenario #2  I think that I lose ISA functionality because OWA works but the Blackberry service is refused connection. Using the bbsrptest to ISA server, the rules I have set initiate and close connection as expected but the blackberry connection is refused (but not denied by the Enterprise rule).
 
Can someone explain how I setup the network so that I can get the above services to work, using two NICs on the same network?
 
When I try the back firewall I get the same as using front firewall. Whether or not I add one or both NICs (or neither) to the network, when I try to create a web listener and select for it to listen on External is prompts me with a dialog box telling me this is a single NIC configuration. (I assume I lose ISA functionality with a single NIC config)
Post #: 1
RE: Two NICs on same network - 20.Aug.2008 7:44:28 AM   
Jason Jones

 

Posts: 2121
Joined: 30.Jul.2002
From: United Kingdom
Status: offline 		You cannot use two NICs on the same network - ISA needs each network interface to be connected to unique networks.

You will need to use a single NIC setup (and then lose server publishing) or create a new network so that ISA can pass and protect traffic correctly.

Is there any chance you could put ISA in parallel with your existing back firewall? How about using other interfaces on the existing firewall(s) to allow for a dual NIC ISA setup?

I am pretty sure you will need a dual NIC Setup anyhow as a single NIC setup is only able to proxy web-based protocols and I think Blackberry uses custom non-web protocols.

Cheers

JJ

< Message edited by Jason Jones -- 20.Aug.2008 7:48:16 AM >

_____________________________

Jason Jones (MVP)

Silversands Limited http://www.silversands.co.uk
My Blog: http://blog.msfirewall.org.uk/

Get our NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8

(in reply to macARFA)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> Network Infrastructure >> Two NICs on same network Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts