Welcome to ISAserver.org

DMZ / Perimeter Network Inbound Issue

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA Server 2004 Firewall] >> DMZ >> DMZ / Perimeter Network Inbound Issue

Page: [1]

Message

<< Older Topic Newer Topic >>

DMZ / Perimeter Network Inbound Issue - 7.May2006 5:34:21 PM

andrewyfloo

Posts: 10
Joined: 21.Apr.2005
From: Singapore
Status: offline

Hi all,

I have successfully deploy the new ISA 2004 standard server at my ecommerce server farm.

All the Inbound connections have been dropped but the outbound connections are fine. I have created all the server publishing access policies accordingly. Problem still persists after changing the policy rules.

My Firewall setup is as follow

Internet (202.x.x.1) --> ISA External int(IP:202.x.x.45, GW:202.x.x.1) -- ISA DMZ / Perimeter (IP:202.x.x.51) -- ISA LAN Int(192.168.100.1).

My Web1 server IP is (202.x.x.44) & Web2 server IP is (202.x.x.46), Mail1 server IP is (202.x.x.47), Mail2 server IP is (202.x.x.33).

None of the perimeter / DMZ network computers could be located after the deployment of this new ISA 2004 firewall. It was working fine with my old firewall box which setup as transparent bridge.

Is the ISA 2004 suitable for the network infrastructure which described as above? I'm stuck here... pls help....

Andrew.

Post #: 1

Featured Links*

RE: DMZ / Perimeter Network Inbound Issue - 18.May2006 3:18:06 AM

tshinder

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline

Hi Andrew,

It sounds like your routing is messed up. ISA doesn't work in bridge mode so you need to take into account whether you want to use Route or NAT, and then subnet your public block appropriately if you want to use public addresses. Remember to create the routing table entries on the ISA firewalls and front-end router so all devices know the gateway address for each network.

HTH,
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to andrewyfloo)

Post #: 2