• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Listening on Mutlple IP Addresses

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 General ] >> Server Publishing >> Listening on Mutlple IP Addresses Page: [1]
Login
Message << Older Topic   Newer Topic >>
Listening on Mutlple IP Addresses - 15.Mar.2008 3:41:25 PM   
Puffin

 

Posts: 7
Joined: 12.Mar.2008
Status: offline
Howdy,

I've been using Microsoft ISA Server since it was known as Microsoft Proxy Server and love the product to bits, however I'm in danger of having to ditch it internally due to a line of business vendor ("ConnectWise PSA") saying that ISA Server is known to cause problems due to caching of transaction information.

Although I've had multiple IP addresses on my DSL connection since I had it installed, up until today I was only using the router address.  I went out and got myself a nice Cisco 857W to replace my existing one because ConnectWise needs it's own IP address.

To meet the vendor requirements, I need to be able to publish ports 80, 443 and 3389 on the ConnectWise server to the Internet, however 443 and 3389 are already published to our main server.  This means that we're going to have to use 11.22.33.149 as the SBS box and 11.22.33.148 as the ConnectWise box - the Cisco router is already set up to map 11.22.33.149 to 192.168.1.100 and 11.22.33.150 to 192.168.1.101 however I can't find a way of setting up ISA Server to add an additional external IP address on which to listen or assign that address to a publishing rule

I'm running ISA Server 2004 Standard on SBS 2003, however due to the complexity of the setup I'm not using the SBS wizards to alter the firewall config.  Is it even possible to have multiple static IP addresses on an ISA Server?  I don't want to spend another 2 or 3 hours playing around trying to get something to work that simply won't due to a limitation and will have to say 'goodbye' to ISA after all these years.

Regards, Ade.
Post #: 1
RE: Listening on Mutlple IP Addresses - 15.Mar.2008 3:49:44 PM   
Rotorblade

 

Posts: 1348
Joined: 27.Feb.2007
Status: offline
Hi,

Ok, so don't cache it! Create a non-caching rule.

HTH

RB

_____________________________

David Melvin
Ohio
MCSE: Security 2003, MCSA:Security 2003

(in reply to Puffin)
Post #: 2
RE: Listening on Mutlple IP Addresses - 15.Mar.2008 3:53:37 PM   
Rotorblade

 

Posts: 1348
Joined: 27.Feb.2007
Status: offline
quote:


Although I've had multiple IP addresses on my DSL connection since I had it installed, up until today I was only using the router address.  I went out and got myself a nice Cisco 857W to replace my existing one because ConnectWise needs it's own IP address.


Are you saying that you are trying to configure multiple gateways?

RB

_____________________________

David Melvin
Ohio
MCSE: Security 2003, MCSA:Security 2003

(in reply to Puffin)
Post #: 3
RE: Listening on Mutlple IP Addresses - 15.Mar.2008 4:01:45 PM   
Rotorblade

 

Posts: 1348
Joined: 27.Feb.2007
Status: offline
quote:


To meet the vendor requirements, I need to be able to publish ports 80, 443 and 3389 on the ConnectWise server to the Internet, however 443 and 3389 are already published to our main server.  This means that we're going to have to use 11.22.33.149 as the SBS box and 11.22.33.148 as the ConnectWise box - the Cisco router is already set up to map 11.22.33.149 to 192.168.1.100 and 11.22.33.150 to 192.168.1.101 however I can't find a way of setting up ISA Server to add an additional external IP address on which to listen or assign that address to a publishing rule



As far as adding an additional IP; assign a secondary IP to the External NIC and then create a new Web listener that is bound to the secondary IP. With ISA 2004, you will need to bind a new SSL certificate for the new web listener. As you mentioned, the issue will be with 3389 port access because the you already have a server publishing rule bound to that port.

HTH

RB



_____________________________

David Melvin
Ohio
MCSE: Security 2003, MCSA:Security 2003

(in reply to Rotorblade)
Post #: 4
RE: Listening on Mutlple IP Addresses - 15.Mar.2008 4:54:33 PM   
Puffin

 

Posts: 7
Joined: 12.Mar.2008
Status: offline
No, I want ISA Server to listen to 11.22.33.149 (default) and 11.22.33.148 (additional) and then to be able to setup publishing rules (or a 'allow everything rule') to forward requests to 11.22.33.148 to 192.168.192.4.

(in reply to Rotorblade)
Post #: 5
RE: Listening on Mutlple IP Addresses - 15.Mar.2008 4:56:08 PM   
Puffin

 

Posts: 7
Joined: 12.Mar.2008
Status: offline
Okay, sounds good as far as HTTP/HTTPS publishing goes, but are you saying that it's not possible to create unique rules for a secondary IP address bound to the external NIC?

(in reply to Rotorblade)
Post #: 6
RE: Listening on Mutlple IP Addresses - 15.Mar.2008 6:28:58 PM   
Rotorblade

 

Posts: 1348
Joined: 27.Feb.2007
Status: offline
quote:


Okay, sounds good as far as HTTP/HTTPS publishing goes, but are you saying that it's not possible to create unique rules for a secondary IP address bound to the external NIC?



Sorry, I should have been a little clearer. You should be able to publish to the separate servers as long as you create the server publishing rule to listen to their respective assigned IP on the external NIC.

HTH

RB



_____________________________

David Melvin
Ohio
MCSE: Security 2003, MCSA:Security 2003

(in reply to Puffin)
Post #: 7

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 General ] >> Server Publishing >> Listening on Mutlple IP Addresses Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts