So i've noticed a lot of threads regarding: 1) Routing of internal networks 2) How to turn off denials between internal subnets? 3) NetBIOS Problems!
Basically routing configuration questions.
So, is the simple answer to all of the above, utilize a router as the routing device that will connect the internal networks, and then place ISA as the routers default gateway? Therefore all internal traffic will be passed amongst the router, and external traffic will then go to ISA.
Does that 'defeat the purpose' of ISA also scanning internal networks? Perhaps, but as others mentioned, "allowing all protocols," amongst internal networks through ISA does not always reallyallow all. Especially the netbios broadcasts and multicasts -- during ghosting/imaging, & WINS registration (& network browsing?).
Basically, if I have questions similar to #1 to #3 above, would a router that bypasses ISA for internal traffic accomplish groovy internal routing?
Thoughts on using Windows Server 2003 as a router? ****Can ISA 2004 on Server 2003 utilize RRAS to route internal traffic?**** Thereby alleviating the need to purchase another hardware?
Just remember that the ISA firewall is a firewall, not a router. While it will route all packets between directly connected networks, its not a gateway for communications for which it isn't the gateway. Hosts onthe same Network should NEVER loop back to other hosts on the same Network. That's where people get into trouble.
So, putting routers on networks that are within the same Network is definitely the way to go.