• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

ISA as Router and Web Cache

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> Network Infrastructure >> ISA as Router and Web Cache Page: [1]
Login
Message << Older Topic   Newer Topic >>
ISA as Router and Web Cache - 31.Oct.2007 5:06:13 PM   
xjamest

 

Posts: 3
Joined: 26.Sep.2007
Status: offline
Hi, I hope you can help me or tell me if this is posible. I have an ISA Server as Back Firewall, because theres a Checkpoint connected no the wAN, an the thing is that the Checkpoint accepts VPN connections, and my ISA has 3 NICS (one for intraarray), so I have an interna and an external interface.

I mhave to make to the Cache works (thats the esasiest thing), but when I activate this, the VPNs can get into my internals network. I create a Network Rule fromExternal to Internal as Route, but when I enable this, I cant navigate and cant get VPN clients to interna networks. I cant make a 3-leg configurations because I have no more NICS (besides, communications guys dont want to do the extra work).

So, basically, I want to know if as Back Firewall ISA con route directly External to Internal (Intranet traffic) and Internal to External (Internet, and clients in VPN to Intranet traffic).

Tks guys...
Post #: 1
RE: ISA as Router and Web Cache - 31.Oct.2007 8:26:14 PM   
Jason Jones

 

Posts: 4663
Joined: 30.Jul.2002
From: United Kingdom
Status: offline
Yep, totally possible.

Don't forget, ISA is a firewall too, so once it is 'inline' you will need to define rules to permit traffic for services like VPN etc.

_____________________________

Jason Jones | Forefront MVP | Silversands Ltd
My Blogs: http://blog.msedge.org.uk/ and http://blog.msfirewall.org.uk/

(in reply to xjamest)
Post #: 2
RE: ISA as Router and Web Cache - 1.Nov.2007 1:39:39 PM   
xjamest

 

Posts: 3
Joined: 26.Sep.2007
Status: offline
Damn, I cant!!!!!

I create a Network Rule and an acces rule, and when I do this, I have no conecction to Internet!! I already tried with the Network Rule as Route, as NAT, only with the access rule, only with the network rule, and keep doing the same thing when I do that, and have connection from VPNs and servers at the External interface, Internet access stops....

Some of the errors are:

-80 HTTP Closed Connection  0x80074e20 FWX_E_GRACEFUL_SHUTDOWN   Local Host External - CORP-ISA1 Firewall

- 80 HTTP Initiated Connection Web Access Only 0x0 ERROR_SUCCESS   Internal External - CORP-ISA2 Firewall

I dont know what kind of errors more could ypu guys need to help, but this are regular in the logs....

Tks guys...


(in reply to Jason Jones)
Post #: 3
RE: ISA as Router and Web Cache - 1.Nov.2007 7:16:01 PM   
Jason Jones

 

Posts: 4663
Joined: 30.Jul.2002
From: United Kingdom
Status: offline
Check this article and the subsequent follow-ups..this should help get the back-to-back setup correct.

http://www.isaserver.org/tutorials/Configuring-Domain-Members-Back-to-Back-ISA-Firewall-DMZ-Part1.html

Cheers

JJ

_____________________________

Jason Jones | Forefront MVP | Silversands Ltd
My Blogs: http://blog.msedge.org.uk/ and http://blog.msfirewall.org.uk/

(in reply to xjamest)
Post #: 4

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> Network Infrastructure >> ISA as Router and Web Cache Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts