DMZ & Internal access ISA 2000 (Full Version)

All Forums >> [ISA Server 2004 General ] >> ISA 2004 SBS



Message


npa1 -> DMZ & Internal access ISA 2000 (18.Feb.2011 7:01:06 AM)

Hi & Sorry for cross posting but doesnt appear as anything gets answered in the 2000 forum

I am hoping someone can assist me with an ISA 2000 firewall problem I am unable to resolve at present. We currently have a SBS 2003 SP1 server with ISA 2000 installed

This is the current configuration so I am hopeful someone can assist

The ADSL router has a LAN IP of 192.168.111.1

The SBS server has 2 network cards installed & the WAN IP = 192.168.111.101

The 2nd LAN card to provide internal access to the network = 151.59.200.201

The problem we are experiencing is that we have had 2 ¡§special servers¡¨ introduced to the network & one must sit on the internal network & one must sit in the DMZ but we cannot get them to talk to each other through ISA 2000

The server that resides in the DMZ has an IP of 192.168.111.240

The server on the internal network has an IP of 151.59.1.254

We have setup a IP Packet filter to allow inbound connections on any dynamic port & route it to port 3011 which points to 151.59.1.254, but I am then seeing the following in the ISA log

2011-02-18 11:28:34 192.168.111.240 151.59.1.254 Tcp 59110 3011 BLOCKED 192.168.111.101
2011-02-18 11:28:46 192.168.111.240 151.59.1.254 Tcp 49053 3011 BLOCKED 192.168.111.101
2011-02-18 11:28:49 192.168.111.240 151.59.1.254 Tcp 49053 3011 BLOCKED 192.168.111.101
2011-02-18 11:28:55 192.168.111.240 151.59.1.254 Tcp 49053 3011 BLOCKED 192.168.111.101
2011-02-18 11:29:08 192.168.111.240 151.59.1.254 Tcp 49054 3011 BLOCKED 192.168.111.101
2011-02-18 11:29:12 192.168.111.240 151.59.1.254 Tcp 49054 3011 BLOCKED 192.168.111.101

Can anyone assist with this issue please as its driving me insaneļ

Thanks in advance




Page: [1]