Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Using ISA Server to limit access on internal networks

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> Access Policies >> Using ISA Server to limit access on internal networks Page: [1]
Login
Message << Older Topic   Newer Topic >>
Using ISA Server to limit access on internal networks - 9.Sep.2005 5:22:00 PM   
curruscanis

 

Posts: 8
Joined: 8.Sep.2005
Status: offline 		I am trying to figure out a method in a lab enviorment two protect a very secure network with a ISA 2004 Firewall.

My lab is setup with a ISA firewall with three interfaces:
Internal / Servers Network <- secure network with Active Directory Domain controllers and other servers.

Internal / Client Network <- internal network consisting of client pc's, and other misc.

External / internet <- the internet

I am trying to setup an enviorment that will allow the client PC's that are in the second internal network to access the secure internal network only if they are members of the domain.

I have attempted installing the Firewall Client on the clients and setup an "Allow all traffic" policy between the two internal networks with the condition that the "user" must be a domain user. The ISA firewall is also a member of the Domain, allowing the creation of a domain users group identity. This so far has proved unsuccessfull as the clients attempting to connect, with or without the firewall client, do not seem pass their username credentials for access other than HTTP/HTTPS.

How do I get the clients to send their username credentials for access to ports other than HTTP? So that my clients on a different interface than my servers can authenticate and send data back and forth.

Thanks in advance... beer to the successful assistance!
Post #: 1
RE: Using ISA Server to limit access on internal networks - 10.Sep.2005 6:07:00 PM   
Anders

 

Posts: 19
Joined: 11.Apr.2002
From: Denmark
Status: offline 		Are you using NAT or Routing relationship between the Internal and the servers network? You should be using routing relationship! (Kerberos does not work well with NAT for one thing)
Without the firewall client authentication will fail in this setup (except for HTTP, HHTPS and FTP).

If the above doesn't help check the log and elaborate.

Cheers,

(in reply to curruscanis)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> Access Policies >> Using ISA Server to limit access on internal networks Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts