• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Back to Back ISA 2004 Firewall Questions

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> DMZ >> Back to Back ISA 2004 Firewall Questions Page: [1]
Login
Message << Older Topic   Newer Topic >>
Back to Back ISA 2004 Firewall Questions - 5.Sep.2008 2:21:18 PM   
Flip

 

Posts: 9
Joined: 16.Mar.2007
Status: offline
I have created a back to back ISA firewall configuration in a test environment a couple of times and have been successful by following this guide:
http://www.isaserver.org/tutorials/Configuring-Domain-Members-Back-to-Back-ISA-Firewall-DMZ-Part1.html

I do however still have a few questions:

1. My test environment does not contain an Exchange server, but my live environment does. I will be leaving the exchange server behind the backend ISA firewall. I don't believe that I will have any trouble sending mail out, but I am wondering if I will have any issues receiving mail as it will have to come through both firewalls. I am not sure if it matters, but my backend firewall will be an SBS2003 box.

2. On the internal interface of my front end firewall, I have been using my ISP's dns servers, is this correct? Do I require a DNS server listed there at all, since ISA should route to the ISP through the external interface anyway.

3. The last time I created the environment, I had to enter the backend firewalls internal range of addresses to successfully communicate with the network behind the backend firewall. For instance, I placed a web server in my DMZ, but when creating the publishing rule on the front end server, I could not resolve the machine name of the web server, because the front end could not communicate with the DNS server, which is behind the backend firewall. After writing it out, it does kinda make sense, but I don't remember doing this in prior configurations. Just wondering if that is the right way to do it or not.

Any help is appreciated.
Post #: 1
RE: Back to Back ISA 2004 Firewall Questions - 17.Mar.2010 5:13:20 PM   
pwindell

 

Posts: 2244
Joined: 12.Apr.2004
From: Taylorville, IL
Status: offline
Impossible to answer.

All 3 questions hinge on whether the Network Relationship between then Internal and the DMZ Segment on the Back ISA is set to routed or NATed.

Being SBS is irrelevant.

_____________________________

Phillip Windell

(in reply to Flip)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> DMZ >> Back to Back ISA 2004 Firewall Questions Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts