I wasn't sure how to blank out everything and make sure I got it. So I used the "Edge" firewall template on both and used a "Block All" for my Firewall policy. Created DNS/HTTP/HTTPS rules on both and everything started working. So that got me thinking, what the heck is wrong with the Front/Back templates? I then saved my working CFGs and started over with the Front/Back templates and figured out the problem. The network relationship on the front end firewall for the "Perimeter" network was Route; I switched to NAT and everything started working.
So, I then created a specific rule for the back end firewall on my front end firewall's network rules and set it to NAT, and then switched the Perimeter Network rule back to Route.
My concern is, is there a benefit to keeping the Perimeter network with a Route vs. NAT relationship?
I will be publishing a Web, Frontend Exchange server w/OWA, and an SFTP (SSH2) box on the perimeter network.
RE: Troubles with a back to back - DNS - 18.Jul.2005 8:36:00 AM
Hi man, you must check your network:

Internet
isa2004 (F), open all traffic
    nic1: internet
    nic2: dmzip
    nic3: isa2004(F)ip
isa2004(B)
    nic1: isa2004(f)ip
    nic2: switch on your lan

Then check your internet access on your isa2004(b). If you have access to the internet, then open traffic on your isa2004(b).

On DNS:
    ip: xxxxxxxxxxxx for dns
    subnetmask: xxxxxxxxxxx
    gateway: ip for isa2004(b)
    dns1: xxxxxxxxxxxxxxx
    dns2: xxxxxxxxxxxxxxx

On DHCP, add option for gateway: ip for isa2004(b).

This is your problem, please check it.

RH