• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

IP MAP : Multiple IPs to same Physical NIC configuration

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2000 General] >> General >> IP MAP : Multiple IPs to same Physical NIC configuration Page: [1]
Login
Message << Older Topic   Newer Topic >>
IP MAP : Multiple IPs to same Physical NIC configuration - 26.May2010 7:40:03 PM   
ss1001

 

Posts: 6
Joined: 1.Feb.2008
Status: offline 		Hi,

I wanted to confirm this before setting out to make these changes. I would appreciate it if someone would confirm or correct me.

I need to publish multiple domain using SSL ceritifcates. I can get away using the wildcard certificate for some of the domains, but not all. I believe I need to create multiple listeners and attache the SSL certificates to those.

Now I need confirmation if this is correct.

I have a Router (Netopia incl. DSL modem), with the LAN (single IP 198.168.0.2) and the external IP Address. In the netopia configuration I have the 192.168.0.2 (one physical NIC of ISA server (external facing)) IP MAPPED to the External IP Address. So I bind an additional Internal IP e.g. 192.168.0.3 to the EXTERNAL FACING ISA servers NIC (already has 192.168.0.2). I then create a 2nd IP MAP on the Netopia with 192.168.0.3 and map it to the same External IP Address, thus having 2 enties now with 2 different Internal IP's MAPPED to the same External IP.

So I need to confirm if this is correct and there won't be any conflicts since the same physical EXTERNAL FACING NIC on the ISA server has the 2 IPs bound to it and the IP MAPs are to the same External IP. Furthermore, how will the Netopia know which IP address to send which packets to, meaning will it send the mail packets that need that specific SSL certificate to the correct IP address the mail SSL certificate it bound to?

This is what I need confirmation on.

Thanks in advance.
Post #: 1
RE: IP MAP : Multiple IPs to same Physical NIC configur... - 27.May2010 5:30:26 AM   
Jason Jones

 

Posts: 4663
Joined: 30.Jul.2002
From: United Kingdom
Status: offline 		You can have multiple IP addresses on the external NIC of ISA, but you will need a one-to-one NAT for each ISA IP to an external (public) IP address e.g.

Public IP 1 => ISA External IP 1
Public IP 2 => ISA External IP 2

Be aware that you can assign multiple IPs to a single listener, each with their own SSL cert if you want to. The limitation here is that a single listener means things like authentication etc. will be the same for all assinged IPs.

If you are using wildcard certs you can map all FQDNs to a single IP, but you still need a 1:1 NAT from public IP to ISA external IP e.g.

www.domain.com => Public IP 1 => ISA External IP 1
other.domain.com => Public IP 1 => ISA External IP 1

Cheers

JJ  

< Message edited by Jason Jones -- 27.May2010 5:45:02 AM >

_____________________________

Jason Jones | Forefront MVP | Silversands Ltd
My Blogs: http://blog.msedge.org.uk/ and http://blog.msfirewall.org.uk/

(in reply to ss1001)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2000 General] >> General >> IP MAP : Multiple IPs to same Physical NIC configuration Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts