• Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

NAT external address selection

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> General >> NAT external address selection Page: [1]
Message << Older Topic   Newer Topic >>
NAT external address selection - 2.Dec.2005 3:08:37 PM   


Posts: 4
Joined: 2.Dec.2005
Status: offline
Hi Folks,
I am configuring ISA Server 2004, running on Windows Server 2003 SP1 with updates from 30-NOV-2005 and I have a doubt with some specific NAT configuration. The machine has two networks interfaces. Internal interface address and netmask are  On the external Interface I have two IP Addresses and and netmask

For normal Internet access from internal network machines, I would like NAT to use the external address, but, for all the connections directed at our partner company network (range, I would like ISA2004 to do the NAT using external address Any hints?

I appreciate and help and would like to apologize for eventual double postings.

Best Regards,
Jasho Mendinka

Internal Clients (
(internal IP
[ISA 2004]
(external IPs,
        ||--- Partner Company (only accepts connections from IP 

Internet (ISP)
Post #: 1
RE: NAT external address selection - 2.Dec.2005 3:42:25 PM   


Posts: 1848
Joined: 26.Jan.2001
From: Keller, TX
Status: offline
This is a highly requested feature, but ISAa 2004 cannot control the source IP of traffic initiated by an internal host. It will always come from the primary IP (the IP listed in the main dialog of TCP/IP properties).

(in reply to jasho.mendinka)
Post #: 2
RE: NAT external address selection - 2.Dec.2005 3:57:34 PM   


Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi Jasho,

you could solve your problem by changing your design as follows:

Internal --- [ ISA ] --- Internet
               +------- Partner

So, put a third interface in the ISA and use that one to connect to your partner network. Of course, do *not* specify a default gateway on this interface and make sure you assign another Network ID to it. Next, define the necessary persistent static routes for the destinations reachable through this interface.


< Message edited by spouseele -- 2.Dec.2005 3:59:40 PM >

(in reply to ClintD)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> General >> NAT external address selection Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts