Hi I am using ISA 2006 as a 3 leg perimeter.I am using DMZ network for wireless clients only. DMZ interface of ISA is connected to linksys router, which is also DHCP server for wireless clients and i am using dns splits for wireless clients as shown in following article
NIC configuration of DMZ ip - 192.168.1.1 mask- 255.255.255.0
lynksys router's config ip - 192.168.1.2 mask - 255.255.255.0 DHCP range - 192.168.1.100 - 192.168.1.150 DNS server - 192.168.1.1
my clients gets the following config after connection
ip - 192.168.1.104 (any ip from range) mask - 255.255.255.0 Gateway - 192.168.1.2 (router's ip) DNS - 192.168.1.1
with this config, nslookup works fine but the can't browse internet untill i provide web proxy which is 192.168.1.1 with port 8080 my ISA rule is allow all outbound traffic from dmz to external for all users But why it is not working as secureNat? what am i doing wrong ?
plz be more specific. do u mean i should create a network between ISA DMZ NIC and linksys router by inserting cable into WAN internet port rather than lan port of router. do i need to change any other configuration? dmz nic and router would be on same network like mentioned in that article or not? i need some more details plz.
I might not explained it properly. i am using linksys E1000 router which is directly connected to ISA DMZ NIC via router's LAN port. so i think it is working as Access Point. so if i using it as a WAP because it is also on the same network on which DMZ NIC is. so in this case what could be the reason for SecureNat issue. Any suggestion?
Posts: 3472
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
Hi,
wireless "routers" are NAT devices. You must be sure it can be configured as AP. It is not just because you connected ISA DMZ NIC on the LAN port of wireless router that it is working as an AP.
Hi, Ok, Suppose i want to use it as a router. In that case DMZ NIC will be connected on WAN port. What else i need to change? Router's network? Plz comments abt my ip settings. Can this router fulfill the purpose of AP like shown in the article? Thanks
Posts: 3472
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
Hi,
you must configure a network between wan wireless router interface and ISA DMZ NIC, you can use 172.16.0.1/30. Then the LAN network of your wireless router could be 192.168.1.0/24
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Printable Version
All Forums >> [ISA 2006 Firewall] >> DMZ >> SecureNat for wireless DMZ 
SecureNat for wireless DMZ - 
New Messages
No New Messages
Hot Topic w/ New Messages
Hot Topic w/o New Messages
Locked w/ New Messages
Locked w/o New Messages
Post New Thread