Posts: 33
Joined: 3.Jun.2002
From: Sweden
Status: offline
Something I've long wished for is the ability to specify somewhere, say in the outbound filter, which external IP address out of the ones available on the external NIC to use for the traffic.
Say we have 2 mail servers published behind ISA. Company 1 and Company 2 each have a server. For one reason or another, they separately need to send mail directly out through the firewall.
Server 1 is published to use the default external IP of the ISA machine, for inbound and outbound mail.
Server 2 is published with another IP address.
The problem arises when the receiving mail server does a reverse DNS lookup to verify that the sender is indeed Server 2. The lookup states that the IP address Server 2 connects from resolves to Server 1, and hence mail delivery fails.
This can in most cases be solved by having a routing mail server do the delivery and receive mail etc., but you understand the problem.
Another scenario is where you might wish the mail server to use a specific address which has a reverse lookup entry defined, and all users that browse the Internet to use another address that doesn't have a reverse lookup defined.
I think this might be a shortcoming in the operating system, but as this product is mainly intended to be the ONLY product installed onto Win 2000/2003, it would be OK for ISA to modify the behaviour of routing etc in Windows.
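To make the failure mode in the post concrete, here is an added example (not ISA Server code and not the poster's): a small Python model of per-host source NAT plus the forward-confirmed reverse DNS check a receiving MTA performs. All addresses, host names, DNS records and the SNAT rule are constructed for the illustration. With no rules, every outbound connection leaves from the default external address, so Server 2's connection reverse-resolves to Company 1's name and is rejected; with one rule pinning Server 2's subnet to the second address, the check passes.

```python
"""Policy-based source NAT and forward-confirmed reverse DNS (FCrDNS).

Added example, not code from ISA Server or from the poster. Every address,
host name and rule below is constructed to model the two-mail-server
scenario: both servers sit behind one firewall whose external NIC holds
two public addresses, and a receiving MTA checks that the connecting
address resolves back to the name the sender claims.
"""
import ipaddress

# Constructed public addresses on the firewall's external NIC.
DEFAULT_EXTERNAL = "203.0.113.10"   # address used for all outbound NAT by default
SECOND_EXTERNAL = "203.0.113.11"    # published for Server 2 inbound only

# Constructed internal mail servers.
SERVER1 = "10.0.1.25"  # Company 1, claims HELO mail.company1.example
SERVER2 = "10.0.2.25"  # Company 2, claims HELO mail.company2.example

# Constructed DNS zones; in practice these come from resolver lookups.
PTR_RECORDS = {
    "203.0.113.10": "mail.company1.example",
    "203.0.113.11": "mail.company2.example",
}
A_RECORDS = {
    "mail.company1.example": "203.0.113.10",
    "mail.company2.example": "203.0.113.11",
}


def pick_source_ip(internal_ip, snat_rules, default=DEFAULT_EXTERNAL):
    """Choose the external address for an outbound packet.

    snat_rules is an ordered list of (source_network, external_ip); the first
    rule whose network contains internal_ip wins, otherwise the default
    address is used. An empty list models a firewall with no such setting.
    """
    addr = ipaddress.ip_address(internal_ip)
    for network, external_ip in snat_rules:
        if addr in ipaddress.ip_network(network):
            return external_ip
    return default


def fcrdns_ok(source_ip, claimed_name):
    """Forward-confirmed reverse DNS as a receiving MTA would apply it.

    The connecting address must have a PTR record, that name must match the
    name the sender claims, and the name must resolve (A record) back to the
    same address. Any missing or mismatching step is a failure.
    """
    ptr_name = PTR_RECORDS.get(source_ip)
    if ptr_name is None or ptr_name != claimed_name:
        return False
    return A_RECORDS.get(ptr_name) == source_ip


def deliver(internal_ip, claimed_name, snat_rules):
    """Simulate one outbound SMTP connection; return (source_ip, accepted)."""
    source_ip = pick_source_ip(internal_ip, snat_rules)
    return source_ip, fcrdns_ok(source_ip, claimed_name)


# The rule the poster would like to write: pin Server 2's subnet to the
# second external address (hypothetical rule, constructed for this example).
PER_HOST_SNAT = [("10.0.2.0/24", SECOND_EXTERNAL)]

if __name__ == "__main__":
    cases = (("single default address", []), ("per-host SNAT", PER_HOST_SNAT))
    servers = ((SERVER1, "mail.company1.example"), (SERVER2, "mail.company2.example"))
    for label, rules in cases:
        print(label)
        for host, name in servers:
            src, ok = deliver(host, name, rules)
            verdict = "accepted" if ok else "rejected (rDNS mismatch)"
            print(f"  {host} -> from {src}: {verdict}")
```

The same `pick_source_ip` table also covers the second scenario in the post: a rule mapping the mail server's address to the external IP that has a PTR record, with browsing clients falling through to the default address that has none.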
I've been bitten by this. I ended up replacing a couple of ISA servers for county governments in Montana with SonicWalls running the Enhanced SonicOS because of this behavior. That hurt, because I put the ISA servers in a year ago. Some specific users needed to get to a certain app hosted at the state government, where each client had to be coming from a unique IP address. The easy answer is a VPN, but the state wasn't biting. Each client had to have a unique public IP address.