• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Additional router

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2000 General] >> General >> Additional router Page: [1]
Login
Message << Older Topic   Newer Topic >>
Additional router - 2.Jan.2003 12:03:00 AM   
zyx52

 

Posts: 4
Joined: 1.Jan.2003
Status: offline
Hi,
I'm locking for a solution for the following problem:
Our schoolnet (server and clients all w2k) are connected over a router to out citynet and from there to internet. This works rather fine and we have no security problems. Unfortunitly there are a number of districtions so that we want to use an extra dsl-connection for special using.

Is it with ISA possible to let the pupils use the standard gateway and the teacher (for example) use the new DSL connection? And more, can teachers switch between these connections, because some informations are only available over the standard gateway?

Thank you for your answers

Detlef
Post #: 1
RE: Additional router - 2.Jan.2003 7:16:00 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi Detlef,

where does the ISA server fit into the picture? Is the router connection to the citynet internal, external or on the DMZ in respect to ISA server?

HTH,
Stefaan

(in reply to zyx52)
Post #: 2
RE: Additional router - 2.Jan.2003 7:27:00 PM   
zyx52

 

Posts: 4
Joined: 1.Jan.2003
Status: offline
Hi Stefan,
I'm simply looking for a solution for my problem. Someone posted me, the ISA-server could be a solution with his possibility of ARRAYS (I don't know what that means). So I wanted to ask someone who knows better, before I study the documentation.
The connection to our citynet is an internal route and runs with Citrix clients to the servers in the city.

Thank you for your interest
Detlef

(in reply to zyx52)
Post #: 3
RE: Additional router - 2.Jan.2003 8:57:00 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi Detlef,

is the solution with the Citrix clients connecting to the servers in the city the only connection needed to the citynet?
How is the current Internet access regulated? Is the Internet accessed only through the Citrix clients or how is it done?

HTH,
Stefaan

(in reply to zyx52)
Post #: 4
RE: Additional router - 3.Jan.2003 1:07:00 PM   
zyx52

 

Posts: 4
Joined: 1.Jan.2003
Status: offline
Hi Stefaan,
as I described above the normal way is using IE with a citrix addon to connect over a router to the citynet. But the security mechanisms are rather restrict. Now we have an independant additional DSL line, which we want to use to connect to the internet. The goal is, that we can decide, who is allowed to use which connection.

Regards
Detlef

(in reply to zyx52)
Post #: 5
RE: Additional router - 3.Jan.2003 2:58:00 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi Detlef,

as far as I understand your configuration, I would propose the following basic design:
code:
Internal --- [ISA] --- Internet
!
!
v
to CityNet

This is a variant of a trihomed DMZ scenario. I often use this configuration when there is a second external connection to another partner network. The key point is that through the link to the CityNet only a limited set of destinations are reachable (you can't set a default gateway on the DMZ interface). In your case, it sounds that only the Citrix Metaframe should be reachable.

On ISA server you will have complete control over which users can access which destinations on the basis of user/group membership (Web Proxy and Firewall client) or IP address (SecureNAT client). Note that by default no communication is possible between the external interface (Internet) and the DMZ interface (CityNet). However, all Internet traffic (if allowed by the outbound access policy) will be directed through your own Internet connection (default gateway), unless some users are accessing the Internet through the Citrix client.

HTH,
Stefaan

(in reply to zyx52)
Post #: 6
RE: Additional router - 4.Jan.2003 4:53:00 PM   
zyx52

 

Posts: 4
Joined: 1.Jan.2003
Status: offline
Hi Stefaan,
that looks very interesting. I will try that.

Thank you very much for your help.

Detlef

(in reply to zyx52)
Post #: 7
RE: Additional router - 4.Jan.2003 7:07:00 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi Detlef,

good to hear I could help! [Smile]

If you have further questions, don't hesitate to post a follow up and we will try to help as much as possible. [Cool]

Thanks,
Stefaan

(in reply to zyx52)
Post #: 8

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2000 General] >> General >> Additional router Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts