I have a simple configuration, one network segment behind an ISA Server 2004 Standard Edition firewall. All addresses on the internal network are 192.168.1.x. We just added some Cisco gear to do VOIP, and one of the Cisco boxes has an IP address of 192.168.2.2, and it wants to use NTP to get TOD updates. This box is on the same segment as the 192.168.1.x machines.
The gateway address for the network is 192.168.1.19, which is the IP address of one of the NICs on the ISA Server. The other NIC on the ISA Server connects to the external router.
How do I set up the network configuration/definition and rule to allow the NTP traffic from 192.168.2.2 through ISA Server? I get configuration errors trying simple things, like adding 192.168.2.2 to the Internal Network definition, and the NTP packet out is always denied with an error in the ISA monitor trace. I might be able to upgrade to ISA 2006 Standard Edition.
You say that the Cisco box is on the internal segment, but the IP subnet is different. What is your subnet mask? If you have a subnet mask of 255.255.255.0, the Cisco box in the 192.168.2.x range will not be able to reach the gateway 192.168.1.19.
If the subnet mask is a class B mask (255.255.0.0) then you should include the 192.168.0.0/16 range in the Internal network on ISA.
Thanks! That's the key bit of information I needed. Great guess about my subnet mask based on the very limited information provided with my question! I did indeed have the subnet mask set to 255.255.255.0 on the internal network NIC of the ISA server. Once I changed that, and the Internal network definition as you suggested, things began to flow very nicely.
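The two checks from the answer above (is the gateway on-link for each host under the mask in use, and does the Internal network definition cover that host), written out as an added example that is not part of the original thread. The host 192.168.1.50, the "before" Internal range of 192.168.1.0/24, and the assumption that hosts use the same mask as the ISA NIC are constructed for illustration.

```python
import ipaddress


def on_link(host, gateway, mask):
    """True if a host configured with this mask treats the gateway as directly reachable."""
    host_net = ipaddress.ip_network(f"{host}/{mask}", strict=False)
    return ipaddress.ip_address(gateway) in host_net


def in_internal(host, internal_ranges):
    """True if the host address falls inside any range of the Internal network definition."""
    addr = ipaddress.ip_address(host)
    return any(addr in ipaddress.ip_network(r) for r in internal_ranges)


def nic_covered(gateway, mask, internal_ranges):
    """True if the whole subnet of the internal NIC is covered by the Internal definition."""
    nic_net = ipaddress.ip_network(f"{gateway}/{mask}", strict=False)
    return any(nic_net.subnet_of(ipaddress.ip_network(r)) for r in internal_ranges)


def audit(hosts, gateway, mask, internal_ranges):
    """Return {host: [problems]} for one mask / Internal-definition combination."""
    report = {}
    for host in hosts:
        problems = []
        if not on_link(host, gateway, mask):
            problems.append("gateway not on-link")
        if not in_internal(host, internal_ranges):
            problems.append("outside Internal network definition")
        report[host] = problems
    return report


GATEWAY = "192.168.1.19"                  # internal NIC of the ISA Server (from the thread)
HOSTS = ["192.168.1.50", "192.168.2.2"]   # first address is constructed, second is the Cisco box

# Before: /24 mask, Internal definition assumed to be 192.168.1.0/24
BEFORE = audit(HOSTS, GATEWAY, "255.255.255.0", ["192.168.1.0/24"])
# After: the change suggested in the answer
AFTER = audit(HOSTS, GATEWAY, "255.255.0.0", ["192.168.0.0/16"])

if __name__ == "__main__":
    for label, report in (("before", BEFORE), ("after", AFTER)):
        for host, problems in report.items():
            print(label, host, "OK" if not problems else "; ".join(problems))
```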