• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

ISA with Multiple networks

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> DMZ >> ISA with Multiple networks Page: [1]
Login
Message << Older Topic   Newer Topic >>
ISA with Multiple networks - 3.Mar.2009 7:15:26 AM   
tripled

 

Posts: 2
Joined: 3.Mar.2009
Status: offline
Hi All,

I'm trying to setup an ISA2006 server with 3 network cards.
1 - Internal
1 - External
1 - Perimeter/inbound only

It's running nicely now with the internal and external, but I'm having problems adding the 3rd leg (I've configured the 3 leg template) basically the 3rd leg I want as inbound services only i.e. SMTP inbound traffic, but whatever I do the ISA just doesn't like to play. I'm testing with an ADSL line connected to a Draytek 2800 Router that's routing port 25 to the ISA IP address.
I've added the Draytek IP range to the Perimeter Network config, and set the network rules to allow the perimeter to a test mail server (computer) relation Route. and Internal network to perimeter network relation NAT.

I'm sure I've made some big mistakes here somewhere, but can someone point me in the right direction?
Post #: 1
RE: ISA with Multiple networks - 4.Mar.2009 3:57:16 PM   
pwindell

 

Posts: 2244
Joined: 12.Apr.2004
From: Taylorville, IL
Status: offline
"Inbound service" does not really mean anything.  That does not clearly describe what you are trying to do and how [exactly] you are trying to do it.  ISA is very complex,...details of a problem have to be specific.

You already have a DMZ between the Draytek and the ISA,...there is no point in having a nearly worthless Tri-Homed DMZ on top of that that does nothing more than over complicate things.  Tri-homed DMZs are generally used (and more justifiably used) when the ISA is an Edge Firewall all alone by itself. 

I'm not saying you still can't accomplish what you want eventually,...I just don't think it is worth putting all the effort into it.

Also,...you cannot Publish from the Perimeter,...the Perimeter does not "touch" the Internet.  You have to Publish "from" the External "to" the Perimeter.  Getting from the Perimeter into the Internal is a completely different and separate process after that.

_____________________________

Phillip Windell

(in reply to tripled)
Post #: 2
RE: ISA with Multiple networks - 4.Mar.2009 4:52:51 PM   
Jim Harrison

 

Posts: 271
Joined: 5.May2001
From: Redmond, WA
Status: offline
It sounds as if you're trying to give ISA two connections to the Intneret?
If so, this is a failed exercise from the start.

_____________________________

Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
My ISAServer.org Stuff
My Site

(in reply to tripled)
Post #: 3
RE: ISA with Multiple networks - 5.Mar.2009 4:16:19 AM   
tripled

 

Posts: 2
Joined: 3.Mar.2009
Status: offline
Not really, I only want one outbound connection to the internet, but want 2 inbound connections from the internet. One that basically will hold services like SMTP traffic and VPN traffic inbound, and the other that provides mostly outbound.

Is this not possible with ISA 2006?

(in reply to Jim Harrison)
Post #: 4
RE: ISA with Multiple networks - 8.Mar.2009 12:00:29 PM   
Jim Harrison

 

Posts: 271
Joined: 5.May2001
From: Redmond, WA
Status: offline
Threr is no distinction between "inbound" and "outbound".
You can't have multiple Internet connections wiht ISA.
Get the TMG beta - this will allow you two use connections.

_____________________________

Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
My ISAServer.org Stuff
My Site

(in reply to tripled)
Post #: 5

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> DMZ >> ISA with Multiple networks Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts