• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Noobice question - ISA configuration

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 General ] >> Installation >> Noobice question - ISA configuration Page: [1]
Login
Message << Older Topic   Newer Topic >>
Noobice question - ISA configuration - 20.Sep.2007 9:31:50 PM   
Remy Lebeau

 

Posts: 13
Joined: 18.Sep.2007
Status: offline
Hi all,

I'm trying to get my head around how to configure ISA server, and need a bit of guidance.  I've read bits and pieces but haven't been able to put it together in my head.

If I understand correctly, in a "edge" configuration( LAN -> ISA -> WAN), the ISA server gets assigned a DNS server and GATEWAY address ONLY on the LAN side.

My question then is, how does the ISA server know where to send packet requests for the internet?!?!???  It just doesn't seem to make sense.  I currently have it setup so that the LAN and WAN both have DNS server addresses, and the WAN side has a gateway IP (and this seems to work... albeit with some issues)

Any assistance appreciated!
Post #: 1
RE: Noobice question - ISA configuration - 21.Sep.2007 12:08:56 AM   
elmajdal

 

Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
Hi,

quote:

the ISA server gets assigned a DNS server and GATEWAY address ONLY on the LAN side.

NO!! where did u read this !

DNS only on Internal NIC.
Gateway Only on External NIC

read this : http://www.isaserver.org/tutorials/Configuring_ISA_Server_Interface_Settings.html

HTH,
Tarek

_____________________________

Tarek Majdalani

Windows Expert - IT Pro MVP
Facebook : https://www.facebook.com/ElMajdal.Net

(in reply to Remy Lebeau)
Post #: 2
RE: Noobice question - ISA configuration - 21.Sep.2007 1:54:12 AM   
Remy Lebeau

 

Posts: 13
Joined: 18.Sep.2007
Status: offline
Thanks elmajdal, very useful!

I still don't understand this part though "Your internal network needs some method of resolving Internet names."  doesn't that imply that my internal network is connected to the internet some way OTHER than the ISA server?  Or does that mean that my DNS server connected to the internet through the ISA server to retrieve DNS updates?

EDIT: Thanks for that link, it's very informative, I'll work through that then let you know if I still have issues!

< Message edited by Remy Lebeau -- 21.Sep.2007 1:56:36 AM >

(in reply to elmajdal)
Post #: 3
RE: Noobice question - ISA configuration - 21.Sep.2007 2:57:42 AM   
elmajdal

 

Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
Hi Remy,

You should have an Internal DNS Server that would forward external requests to your ISP DNS Servers.

check my article here : http://elmajdal.net/isaserver/Internal_DNS_Forwarding.aspx

HTH,
Tarek

_____________________________

Tarek Majdalani

Windows Expert - IT Pro MVP
Facebook : https://www.facebook.com/ElMajdal.Net

(in reply to Remy Lebeau)
Post #: 4
RE: Noobice question - ISA configuration - 23.Sep.2007 8:40:12 PM   
Remy Lebeau

 

Posts: 13
Joined: 18.Sep.2007
Status: offline
thanks elmajdal.  Very helpful!

It seems to be running ok now, however I can't connect to the ISA server via RDC, I have to log on locally.

As far as I can tell I've enabled RDC on the ISA server, and created a firewall rule to allow internal connections to RDC.  However I can't access it (I can't ping it either which I don't know if this is related).  The web proxy works fine though.

Any suggestions?

(in reply to elmajdal)
Post #: 5
RE: Noobice question - ISA configuration - 23.Sep.2007 11:06:47 PM   
Remy Lebeau

 

Posts: 13
Joined: 18.Sep.2007
Status: offline
I've found the problem.  In the firewall system policies I had to add my machine to the terminal services allowed list.

(in reply to Remy Lebeau)
Post #: 6
RE: Noobice question - ISA configuration - 24.Sep.2007 1:52:49 AM   
elmajdal

 

Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
Hi,

Glad it worked and thanks for the follow up.

Keep this article in your favorites : http://thelazyadmin.com/blogs/thelazyadmin/archive/2006/01/18/ISA-2004-Remote-Administration.aspx

if you want to enable ping , although its not recommended, check the ICMP System Policy

_____________________________

Tarek Majdalani

Windows Expert - IT Pro MVP
Facebook : https://www.facebook.com/ElMajdal.Net

(in reply to Remy Lebeau)
Post #: 7

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 General ] >> Installation >> Noobice question - ISA configuration Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts