• Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Replication questions or problems

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 General] >> Installation and Planning >> Replication questions or problems Page: [1]
Message << Older Topic   Newer Topic >>
Replication questions or problems - 13.Nov.2009 4:05:56 PM   


Posts: 21
Joined: 9.Mar.2009
Status: offline
I have the following setup and problem that I need some input on...

Domain with one DC and two Arrays
Each array has one CSS and one member
Array 2 is supposed to be a replica CSS of Array 1

I have added the CSS servers to the Replicate Configuration Storage Servers
I have specified each array firewall to use the other as an Alternate CSS
I have allowed replication over the network
I have an Enterprise rule to allow firewall, storage replication and storage from one to the other CSS and back

If I add rules to my primary CSS (as array rules), they do not show up on the replica... EVER. I can manage one to the other, I can see and communicate one to the other, and checking ADAM replication it says successful on both sides. I am not sure what is going on. I backed up the configuration halfway through and restored to the other server to make sure they were exactly the same, but when I add new rules to CSS 1, they do not show in CSS2.

Any ideas of what I may be missing? It's not quite as easy as all of the documentation might have you believe.
Post #: 1
RE: Replication questions or problems - 16.Nov.2009 2:31:38 PM   


Posts: 21
Joined: 9.Mar.2009
Status: offline
OK, I made a mistake and put two CSSs in two different arrays, and that is a logical boundry. Sorry, I am still learning the ins and outs of ISA communication and publishing.

So what is the best solution, to always keep things replicated between a primary and secondary data center, to allow for DR and lighten the administrative impact? Do you have to have two arrays and always create two sets of rules for published resources that may be on the same subnet segment on the back end? You would think that if you say "if it comes from an external source (defined per machine by interface) and is going to mail.hubbabubba.com/owa on the internal network (again, defined by the interface) then apply this rule and let it in."

But it seems more as if ISA is creating static routes and saying if you are coming from 188.1.1.x via the external interface ip of 10.99.99.x, and you are going to 10.2.2.x via internal interface of 10.99.98.x then you get this applied, and if you come via any other IP then you are not really my interface.

What is the best way to implement the following example?

Example - If you have a site in Los Angeles and a site in Denver, both belonging to the same domain, both with the ability to communicate as if on the same network (although the ISA servers are on different subnets), and wanting to publish to the same resources on the back end (e.g. there are some VLANs with the same Subnet segments that span between the two sites based on disaster), how would you setup the environment? If you put the ISA servers into the same Array you will have broken publishing rules because of different network segments from ISAs perspective, right? And if you create two arrays, the rules will have to be created uniquely to both arrays, right? Is there a hybrid between the two? One where you can publish an Exchange server that is always on 10.2.2.x (DNS will point to the new 10.2.2.x address in event of DR and migration to the DR site in Denver)? Or are you stuck with always creating two rules (one at the main HQ in Los Angeles and one at the DR site in Denver) for each thing that you publish?

(in reply to jtheboywonder)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 General] >> Installation and Planning >> Replication questions or problems Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts