Hi Folks, I am configuring ISA Server 2004, running on Windows Server 2003 SP1 with updates from 30-NOV-2005 and I have a doubt with some specific NAT configuration. The machine has two networks interfaces. Internal interface address and netmask are 192.168.1.254 – 255.255.255.0. On the external Interface I have two IP Addresses 172.16.0.233 and 172.16.0.243 and netmask 255.255.255.0
For normal Internet access from internal network machines, I would like NAT to use the external address 172.16.0.233, but, for all the connections directed at our partner company network (range 10.1.1.1/24), I would like ISA2004 to do the NAT using external address 172.16.0.243. Any hints?
I appreciate and help and would like to apologize for eventual double postings.
Best Regards, Jasho Mendinka
Internal Clients (192.168.1.1/24) | | (internal IP 192.168.1.254) [ISA 2004] (external IP’s 172.16.0.233, 172.16.0.243) || ||--- Partner Company (only accepts connections from IP 172.16.0.243)
This is a highly requested feature, but ISAa 2004 cannot control the source IP of traffic initiated by an internal host. It will always come from the primary IP (the IP listed in the main dialog of TCP/IP properties).
you could solve your problem by changing your design as follows:
Internal --- [ ISA ] --- Internet ! +------- Partner
So, put a third interface in the ISA and use that one to connect to your partner network. Of course, do *not* specify a default gateway on this interface and make sure you assign another Network ID to it. Next, define the necessary persistent static routes for the destinations reachable through this interface.
< Message edited by spouseele -- 2.Dec.2005 3:59:40 PM >