Intermittent connectivity in Back to Back Firewall (Full Version)

All Forums >> [ISA Server 2004 Firewall] >> Network Infrastructure



Message


crecode -> Intermittent connectivity in Back to Back Firewall (27.Jul.2010 8:43:46 PM)

We have deployed ISA as the back firewall using a natted private address from our front firewall on the public (DMZ) side and a second adapter for the inside network which is a different private network. We have deployed servers in the DMZ (behind the Front Firewall, and in the same network as the public adapter of ISA). Communication to these servers is intermittent. Is this an allowable configuration? Any ideas on troubleshooting?




Jason Jones -> RE: Intermittent connectivity in Back to Back Firewall (28.Jul.2010 3:43:32 AM)

What servers in the DMZ?

Can you provide a quick network diagram?

Placing ISA between a DMZ and the LAN is usually fine.

Cheers

JJ




crecode -> RE: Intermittent connectivity in Back to Back Firewall (1.Aug.2010 5:50:14 PM)

Jason,

When ISA was originally deployed it was deployed as an edge firewall. I have since placed a firewall in front of ISA and changed the configuration to a back firewall. All works, except for this intermittent communication to hosts in the perimeter (DMZ) network. There are no networks/network rules that reference the perimeter. Should there be?

(I have tried to add those networks/rules and it does not seem to help.)

The weird thing is that I have a SPAM filter in the DMZ and that works fine. I can ping from device to device in the DMZ but not from 2 Web Servers in the DMZ to ISA or to internal hosts and vice-versa.

INT NETWORK ---ISA---PERM NW----EDGE FW----INTERNET

PERM NW has 2 web servers, a spam filter and a few servers...all can talk to each other and acccess from/to the Internet is fine.

Exchange is published and lives in the interior netwrok. It also works fine.




01blackerado -> RE: Intermittent connectivity in Back to Back Firewall (19.Jul.2012 11:03:56 AM)

Is the front end firewall another ISA machine?




Page: [1]