RE: Discussion for Using a Trihomed ISA/VPN Server to S... - 21.Jun.2004 2:30:00 AM
thanks for the article, its been very enlightening. however im new to ISA administration and my networking is rusty, so im having some trouble addapting your senario to what im trying to acheive.
what im attempting is, in all other respects exactly the same as your example except for the fact that my DSL router insists on being a border router and doing NAT. this leaves me with another segment between the ISP and my ISA server.
what's the best way to deal with this. bareing in mind that I can reconfigure the DSL router?
Does your book "ISA Server and Beyond" cover this topic? I am trying to connect a wireless router to a third NIC and allow wireless users easy access to the internet without allowing access to my network.
I have the new book (ISA Server 2004) but have yet to really dig into it. From a quick scan through it, I did not see anything specifically related to configuring a WLAN. There are index references to it, but the index is pointing to other pages within the index that have nothing to do with the topic.
I am in need of wireless/isa 2004 wireless configuration as well. Seems there is a serious lack of documentation on the web. I would like to be directed to some instructions on how to set up a wireless segment on a tri-homed ISA 2004 box. Thanks!
From: PA, USA
I have Win2K and ISA2000. I have tried the setup that kirill has suggested. Are there other steps I need to take?
I had my wireless router working with ISA before and then due to an IP renumbering my subnet went from 192.168.1.x to 192.168.98.x and that's when it stopped working. I made the changes in the places listed by kirill however it still won't let me VPN in. I can do VPN over the internet just not using the wireless router. I have a tri-homed machine with NICs for internal, external, and wireless. I can also access the router through my wired network.
From: Gilbert, AZ
On the topic of Trihomed wireless setup, Can this work on a private network DMZ running SBS 2003 (where ALL the servers - ISA 2000, Exchange, Windows Standard 2003, Windows Sharepoint, and SQL 2000 are running in the same physical box)?
adding a third NIC to the SBS 2003 server and plug the wireless router (Netgear FWAG114 - can be used as a bridge or AP) into the new NIC. DHCP still performed by SBS2003 box?
Hello, Although this thread has been initiated quite long time ago, the content is still very useful. I am considering implementing the WLAN solution mentioned above into my environment but have a concern. I already have production network facilities all over the building and don't have extra space or budget to place more switches/hubs just for hosting WAPs on another IP segment and connect WAPs back to the DMZ interface on my ISA 2004 server which is located in the computer room. Is there a way to use current network appliances to connect those WAPs back to my computer room? I've thought about VLAN, am I on the right track?
I'll put this on my list for the next article. Its a great topic and a config I've already implemented in a number of locations.
Hi Dr. Tom,
Any chance you will still write this article? I'm currently setting up a Multihomed ISA 2004 firewall and would like to include a WAP in my anonymous DMZ. I think I've got my setup where it needs to be but would really like to compare my setup with your article.
I am unable to allow VPN clients from DMZ (outbound) to my internal network, when i do the site to site VPN is brought down, the VPN client connects but obvsioulsy this is wrong as this impacts the site to site VPN, I am beginging to think that VPN clients cannot connect to internal networks from DMZ interface as it is very frustrating to try and solve this issue.
I asked Paulo to help and his advice was helpful and patient! but only got me this far.