• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Perimiter Network IP

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 General ] >> Installation >> Perimiter Network IP Page: [1]
Login
Message << Older Topic   Newer Topic >>
Perimiter Network IP - 28.Oct.2004 4:12:00 AM   
bheusmann

 

Posts: 102
Joined: 13.Oct.2004
Status: offline
I have 2 IP's for my Business Network. I am trying to figure out how to get things set up. My ISA2004 Server has 3 NIC's, WAN, DMZ, LAN. One of my IP's is assigned to the WAN.
My question is this, for the Perimiter Network (DMZ), do I assign the second IP from my ISP to the DMZ NIC on the ISA2004 Server?

I have a web/dns server in the Perimiter Network connected to a hub, the hub is connected to the DMZ NIC in the ISA2004 Server. Would the IP address of the web/dns server be a private IP like 192.168.x.x or 10.0.x.x? Any help would be appreciated. Thank you.

-Bryan
Post #: 1
RE: Perimiter Network IP - 28.Oct.2004 4:18:00 AM   
Ara.A

 

Posts: 259
Joined: 21.Oct.2004
Status: offline
Hello
I guess you should one of your ipÆs to external nic. Then assign 2 different subnets for internal and dmz. Then assign your other live ip (like for mail server) to nic of the server and then apply forwarding rules
[Confused]

(in reply to bheusmann)
Post #: 2
RE: Perimiter Network IP - 28.Oct.2004 4:39:00 AM   
bheusmann

 

Posts: 102
Joined: 13.Oct.2004
Status: offline
So basically it would look something like:

ISA2004 Server:
WAN NIC: 70.182.xxx.xxx (IP 1 from ISP)
DMZ NIC: 192.168.0.1 (Private IP)
LAN NIC: 10.0.0.1 (Private IP)

DMZ Server:
NIC: 70.182.xxx.xxx (IP @ from ISP)

LAN Server:
NIC: 10.0.0.2 (Private IP)

What would the forwarding look like, is that something done on the ISA2004 Server? I am trying to have my ISA2004 Server as my primary DNS for external requests and the DNS Server in the Perimiter Network as a secondary. With the DMZ NIC on the ISA2004 Server having an IP of 192.168.0.1, how will this effect it? If I'm on the internet and do a NSLOOKUP ON ns2.conseptsolutions.com (which is the secondary DNS serve in the DMZ) will it come back with the second public IP I have assigned to that server ? Confusing, I know...

-Bryan

(in reply to bheusmann)
Post #: 3
RE: Perimiter Network IP - 28.Oct.2004 4:48:00 AM   
Ara.A

 

Posts: 259
Joined: 21.Oct.2004
Status: offline
Hello
I am noob but I think you should do it this way
LetÆs say you have a mail server on your dmz, then forward incoming external smtp packets to your dmz host ( ip or machine name )
Hope someone with more experience help you
[Confused]

(in reply to bheusmann)
Post #: 4
RE: Perimiter Network IP - 28.Oct.2004 7:38:00 PM   
grinn253

 

Posts: 76
Joined: 12.Jul.2004
From: Seattle
Status: offline
Hello,

I would try:

WAN NIC: 70.182.xxx.xxx (IP 1 from ISP)
WAN NIC: 70.182.xxx.xxy (2nd IP from ISP)
DMZ NIC: 192.168.0.1 (Private IP)
LAN NIC: 10.0.0.1 (Private IP)

DMZ Server:
NIC: 192.168.0.2

LAN Server:
NIC: 10.0.0.2 (Private IP)

Then use publishing/listeners to grant access to the machine in the DMZ.

Goodbye,
Edgardo
(also a newbe)

(in reply to bheusmann)
Post #: 5
RE: Perimiter Network IP - 28.Oct.2004 9:38:00 PM   
bheusmann

 

Posts: 102
Joined: 13.Oct.2004
Status: offline
quote:
Originally posted by grinn253:
Hello,

I would try:

WAN NIC: 70.182.xxx.xxx (IP 1 from ISP)
WAN NIC: 70.182.xxx.xxy (2nd IP from ISP)
DMZ NIC: 192.168.0.1 (Private IP)
LAN NIC: 10.0.0.1 (Private IP)

DMZ Server:
NIC: 192.168.0.2

LAN Server:
NIC: 10.0.0.2 (Private IP)

Then use publishing/listeners to grant access to the machine in the DMZ.

Goodbye,
Edgardo
(also a newbe)

Thanks. That is exactly where I was going with this.

(in reply to bheusmann)
Post #: 6
RE: Perimiter Network IP - 5.Nov.2004 12:20:00 PM   
Silverjj

 

Posts: 13
Joined: 16.Apr.2004
Status: offline
I've kind of the same question but I've a router from my isp with a fixed address and 5 public ip address available (6 in total), the router has been setup with routed subnet.

I want to use the ISA Server 2004 because I've 2 seperate LAN's, 1 DMZ LAN.
My Server has 4 Nic's in total:
1 from isa to router
1 from isa to lan 1 (corporate lan)
1 from isa to lan 2 (lab lan)
1 from isa to dmz lan

What I'm trying to do is:
Lan 1 get on the internet
Lan 1 let everyone use OWA
Lan 1 get in to the dmz
Lan 2 get on the internet
Lan dmz everyone from internet to servers (web,ftp...)

IP Range 192.168.1.xxx for LAN 1
IP Range 10.10.10.xxx for LAN 2
IP Range 10.10.0.xxx for LAN 3
IP Range ISP 66.606.66.62 until 67

How do i setup this one ?

Thank for some tips
JJ

(in reply to bheusmann)
Post #: 7

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 General ] >> Installation >> Perimiter Network IP Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts