We have two offices with two subnets. The offices are attached via a fractionated T1.
Our only internet connection and only ISA 2006 box is located in our primary office. All of the internet traffic from our secondary office goes through our fractionated T1 and out/in our ISA box in the primary office.
I was thinking of installing a proxy in our secondary office in order to help with their internet traffic. All it would do would be to cache some of the internet stuff for the secondary office, no firewall etc.
From: MICHIGAN, US
I would use the ISA 2004 if I had to make the choice and could not obtain any additional funds for ISA 2006. Why not use it as a firewall as well? You may also want to consider installing a packet shaping appliance or something at the branch to optimize your traffic and give priorities to business critical apps.
Interestingly enough, I setup an ISA 2004 box just to mess with it.
The next issue I am running into is the Wpad via DHCP. As our sites are using the same domain/DNS, I am going to have to use DHCP for wpad (at least as far as I understand) as the dns wpad will not be abel to differentiate between the subnets.
I began working with that and my clients started to have troubles.
As for packet shaping, my guess is it will cost prohibitive unless I can find a sofwtare based system (maybe a preconfigured appliance). This opens up a whole host of questions....
< Message edited by BobW -- 15.Feb.2008 5:36:05 PM >
From: MICHIGAN, US
ISA 2004 has had a lot of work since it's initial release. Be sure you have all the patches on both ISA and your OS or your test may not go well. You will want to download, install, and run the ISA BPA tool to be sure you have the big issues addressed.
Tom has a really good article on WPAD on this site as well as a nice tutorial in his ISA 2004 book. You should take a look at them both. I have several subnets and WPAD here... It is possible to set it up as long as you have a sound DNS infrastructure and properly configured routes.