Welcome to ISAserver.org

Wishes

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA Server 2004 Misc.] >> ISA Server 2004 Wish List >> Wishes

Page: [1]

Message

<< Older Topic Newer Topic >>

Wishes - 21.Nov.2006 4:20:50 AM

tomers@tomers.co.il

Posts: 24
Joined: 1.Nov.2006
Status: offline

My current wishes:

1) More NAT capabilities. I want to be able to configure NAT translations just like Checkpoint.

2) Better Publishing functions. I want to be able to publish a HTTPS server and access that publishing rule from internal clients too. As for today it is not possible for HTTPS. I assume it has something to do with my first wish..

_____________________________

Tomer Schwaitzer
MCT, MCSA, MCSE, CCNA

Post #: 1

Featured Links*

RE: Wishes - 24.Nov.2006 12:39:53 PM

tshinder

Posts: 47010
Joined: 10.Jan.2001
From: Texas
Status: offline

Hi Tomer,

#1 -- will be improved with the next version!

#2 -- You can already do that. Just configure the rule to listen on the Internal network (or whatever network you want) and then configure DNS appropropriately.

HTH,
Tom

_____________________________

Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/

GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8

(in reply to tomers@tomers.co.il)

Post #: 2

RE: Wishes - 25.Nov.2006 3:25:17 AM

tomers@tomers.co.il

Posts: 24
Joined: 1.Nov.2006
Status: offline

I'm already familier with this method... The main issue is doing it without touching the DNS...

(in reply to tshinder)

Post #: 3

RE: Wishes - 26.Nov.2006 10:43:11 AM

tshinder

Posts: 47010
Joined: 10.Jan.2001
From: Texas
Status: offline

Why not configure DNS? I've done it hundreds of times -- very easy.

I don't see how its possible without understanding DNS.

Tom

_____________________________

Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/

GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8

(in reply to tomers@tomers.co.il)

Post #: 4

RE: Wishes - 26.Nov.2006 5:05:21 PM

tomers@tomers.co.il

Posts: 24
Joined: 1.Nov.2006
Status: offline

I have a very complicated environment behind the ISA. I don't think there are many environments like this one arround.
Think about an ISP environment where ISA is the main firewall which all clients go through to the Internet.
Clients are companys networks. Each client has its own Active Directory, with Exchange and other servers.
The ISA publishes many Exchange servers for different AD Forests, Each has it's own IP ranges, own ISA network and no one has access to each other. All the networks have NAT relationship with the Internet (By ISA) and no relationship with each other.
With DNS, I can solve for each client the access for its own servers.
BUT:
What happens if one of the clients is physicaly visiting a collegue who happens to be another client behind the same ISA, and the first client wants to access his OWA. Here I have a problem which has only one solution as for now:
Make relationship between the two networks...(Which I can't because of contract limits).
The only solutions I think of is using the same Publish rule that I use for the internet, and access the OWA by its external IP. But what do you now.... HTTPS don't work.... (every other protocol works by the way)
Any idea ?

_____________________________

Tomer Schwaitzer
MCT, MCSA, MCSE, CCNA

(in reply to tshinder)

Post #: 5