Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
VMware installation
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
RE: VMware installation - 4.Mar.2004 4:41:00 PM
|
|
|
tshinder
Posts: 47439
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Paul,
I've been thinking about the exact same thing. In fact, I'll be writing that article this week for the 18 chatper Getting Started Guide!
Stay tuned!
Tom
|
|
|
|
|
RE: VMware installation - 8.Mar.2004 1:09:00 AM
|
|
|
tad_braun
Posts: 94
Joined: 31.Dec.2003
Status: offline
|
Hello,
I will be SO STOKED to see this VMWare doc! Thanks for taking the time to do this. Since new PC's for testing become expensive as the tests multiply, VMWare is the only way I test anymore. This will be a treat, I'm sure...
|
|
|
|
|
RE: VMware installation - 11.Mar.2004 12:21:00 AM
|
|
|
Lambera
Posts: 40
Joined: 5.Mar.2004
From: Washington
Status: offline
|
I would recomend VPC 2004 by microsoft, works great for ISA 2004 and allows you to have one network card on the physical box and in the VPC console add up to 4 virtual network cards based on any installed on the machine.
Contact me on MSN Lambera22@hotmail.com and we can talk if you want.
|
|
|
|
|
RE: VMware installation - 11.Mar.2004 1:44:00 AM
|
|
|
tshinder
Posts: 47439
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi AJ,
I hear VPC isn't bad, but for some of the more detailed network scenarios we'll be working with in the future in my books and on this site, we'll need to use in some cases all 9 virtual switches that VMware provides. But for simple scenarios, VPC is supposed to work fine.
Thanks!
Tom
|
|
|
|
|
RE: VMware installation - 12.Mar.2004 9:40:00 PM
|
|
|
Lambera
Posts: 40
Joined: 5.Mar.2004
From: Washington
Status: offline
|
I wonder if the Virtual server from msft will over come that issue , its still in beta and I have seen it yet.
|
|
|
|
|
RE: VMware installation - 12.Mar.2004 10:34:00 PM
|
|
|
tshinder
Posts: 47439
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi AJ,
Perhaps. They'll also need to support hot-plugged and unplugging of VMs into virtual networks. The nice thing about VMware is that its very network centric!
Thanks!
Tom
|
|
|
|
|
RE: VMware installation - 16.Mar.2004 7:16:00 AM
|
|
|
Guest
|
I've been trying to get Virtual Server beta to run ISA 2004 beta for a while now--I believe there is a compatibility problem with the virtual networking but don't quote me on it.
FYI, the current VS beta only supports 4 virtual NICs. It does support hot-un/plugging of the NICs into your various networks but the 4 NIC limit will obviously not suffice for complex setups.
--Jared
|
|
|
|
|
RE: VMware installation - 16.Mar.2004 11:15:00 AM
|
|
|
tshinder
Posts: 47439
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Jared,
Thanks! So, you're saying that VS only supports 4 virtual switches?
Thanks!
Tom
|
|
|
|
|
RE: VMware installation - 16.Mar.2004 6:56:00 PM
|
|
|
Guest
|
If I've got the terminology correct...
VS beta appears to support numerous "virtual networks" which I believe are equivalent to virtual switches. I configured about 15 with no limit in sight so it should support your 9 switch requirement.
To be independent of each other, each virtual network has to connect to some NIC: physical, vlan, or loopback. I didn't take the time to add that many loopbacks but it looks like it should work.
The VMs are still limited to the 4 virtual NICs I mentioned before so that limits how complex a single virtual ISA server could get.
--Jared
|
|
|
|
|
RE: VMware installation - 16.Mar.2004 10:51:00 PM
|
|
|
canada
Posts: 3
Joined: 16.Mar.2004
Status: offline
|
Isa 2000 & 2004 beta work great on Vmware, I also do my testings using it.
Two NICs, one on the bridged network which represent the internal ("domain") and the second on the NAT network considering it will be my ISP.
If you need a DNS record considering you're using a DHCP Dsl connection you can use the Dynamic DNS providers. I published an Exchange 2000 SRV behind ISA.
VmWare just needs a fine tune up of a configuration file vmnetnat.conf to allow the incoming tcp & udp ports into you virtual machine.
The one I use is VmWare GSX 2.5.1 & now ver.3 with 2 NICs, 3 SRV Os and a client OS on a W2k srv host. It just needs enough RAM.
Tested with w2k & isa 2k, W2k3 & Isa 2004.
I bet other configurations are also possible ( back to back and tri homed) but not tested yet.
Hope this will help.
|
|
|
|
|
RE: VMware installation - 17.Mar.2004 1:47:00 AM
|
|
|
tshinder
Posts: 47439
Joined: 10.Jan.2001
From: Texas
Status: offline
|
quote:
Originally posted by <Jared>:
If I've got the terminology correct...
VS beta appears to support numerous "virtual networks" which I believe are equivalent to virtual switches. I configured about 15 with no limit in sight so it should support your 9 switch requirement.
To be independent of each other, each virtual network has to connect to some NIC: physical, vlan, or loopback. I didn't take the time to add that many loopbacks but it looks like it should work.
The VMs are still limited to the 4 virtual NICs I mentioned before so that limits how complex a single virtual ISA server could get.
--Jared
Hi Jared,
It may be similar. What I wonder is if these virtual networks are isolated Ethernet broadcast domains, in the same way that VMware networks are. You'll run into issues if they are on the same Ethernet broadcast domains when doing troubleshooting and testing. I know, I used to put all hosts on the same VMnet and just assigned different network IDs to the hosts, and made some big boo boos because the result were spurious and make it appear as if the ISA firewall performed proxy ARP (which it does not).
Thanks!
Tom
|
|
|
|
|
RE: VMware installation - 17.Mar.2004 1:49:00 AM
|
|
|
tshinder
Posts: 47439
Joined: 10.Jan.2001
From: Texas
Status: offline
|
quote:
Originally posted by canada:
Isa 2000 & 2004 beta work great on Vmware, I also do my testings using it.
Two NICs, one on the bridged network which represent the internal ("domain") and the second on the NAT network considering it will be my ISP.
If you need a DNS record considering you're using a DHCP Dsl connection you can use the Dynamic DNS providers. I published an Exchange 2000 SRV behind ISA.
VmWare just needs a fine tune up of a configuration file vmnetnat.conf to allow the incoming tcp & udp ports into you virtual machine.
The one I use is VmWare GSX 2.5.1 & now ver.3 with 2 NICs, 3 SRV Os and a client OS on a W2k srv host. It just needs enough RAM.
Tested with w2k & isa 2k, W2k3 & Isa 2004.
I bet other configurations are also possible ( back to back and tri homed) but not tested yet.
Hope this will help.
Hi Canada,
Interesting config! I've never used the NAT network and usually disable it because I never need it. I just assign the bridged adatper a default gateway address that points to the actual Internet router on the live network. Then all hosts are assigned to different VMnets so that the networks are logically and physically separated (like actual segmented Ethernet networks).
Thanks!
Tom
|
|
|
|
|
RE: VMware installation - 17.Mar.2004 9:27:00 PM
|
|
|
Guest
|
quote:
Originally posted by tshinder:
It may be similar. What I wonder is if these virtual networks are isolated Ethernet broadcast domains, in the same way that VMware networks are.
I have never used VMware and VS sounds quite a bit simpler. Basically, you can configure your virtual networks however you want. If you made two separate vnets that did not share the same physical NIC, loopback, or external network, then the two networks are completely separate and no broadcasts would reach the other network.
--Jared
|
|
|
|
|
RE: VMware installation - 18.Mar.2004 2:42:00 AM
|
|
|
tshinder
Posts: 47439
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Jared,
Thanks!
Tom
|
|
|
|
|
RE: VMware installation - 8.Apr.2004 11:05:00 PM
|
|
|
Kiliman
Posts: 11
Joined: 5.Feb.2004
From: Virginia
Status: offline
|
Hey Tom, what's the status on the VMWare document?
The way I have my system setup:
ISA VM (2 NICs):
External NIC: NAT - treat Host machine as ISP
IP: 192.168.202.100, 192.168.202.101
DG: 192.168.202.2 (HOST)
DNS: 192.168.202.2
Internal NIC:
IP: 192.168.142.100
DG: none
WEB Server VM (1 NIC):
Internal NIC:
IP: 192.168.142.120
DG: 192.168.142.100 (ISA)
DNS: 192.168.202.2
I've got Web Publishing enabled and have set Proxy requests to published server: Requests appear to come from the original client.
This new capability is sweet! Now my web logs have the remote client's IP!
The next thing I want to configure is Server Publishing to an internal SMTP server. This server will accept connections on the 2nd external IP (192.168.202.101).
One of the problems with ISA2000 is that outbound connections always come from the default IP of the ISA server. This was not what I wanted because my MX record had the 2nd IP and I only want my SMTP server to send mail from this IP.
You mentioned earlier about creating a second "network" and then creating a "route" between that host and IP http://forums.isaserver.org/ultimatebb.cgi?ubb=get_topic;f=22;t=000001
Unfortunately, I don't have a clue what you mean.
Can you break that down into step-by-step instructions?
Thanks,
Kiliman
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
![[Smile]](/image/smiles/smile.gif)
