• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Help needed with from external to internal and back again firewall rules

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> Network Infrastructure >> Help needed with from external to internal and back again firewall rules Page: [1]
Login
Message << Older Topic   Newer Topic >>
Help needed with from external to internal and back aga... - 29.Jun.2005 10:27:00 AM   
udu

 

Posts: 6
Joined: 29.Jun.2005
From: South Africa
Status: offline
Follows is the current design of our network...
""

Ok now the problem is that when traffic comes from the 10.0.1.0 network it is not routed into the 10.0.10.0 network. I have set rules for routeing that traffic and to allow the required port into the network. I have also set rules not to nat the traffic destined for 10.0.1.0 (these work).

""

There are no problems with the other firewall as it is passing traffic correctly.

Now the problem is that as soon as I create the network 10.0.1.0, as follows, ISA does not know where to send the traffic even if I add in "route add 10.0.1.0 mask 255.255.255.0 10.50.72.65"

""

Now I have considered changing our configuration from an EDGE firewall to a backend firewall, but since our ISP just forwards all traffic to my external address (10.50.72.70) I am worried about the implications of doing this.

I have racked my brain on how to sort this out, but somehow the solution evades me... any advice you can offer ?

PS. if the images don't show here are their direct links

http://extranet.elogics.co.za/currentproblem.jpg
http://extranet.elogics.co.za/networkrules.jpg
http://extranet.elogics.co.za/networks.jpg

[ June 29, 2005, 10:31 AM: Message edited by: Dudley Wood ]
Post #: 1
RE: Help needed with from external to internal and back... - 29.Jun.2005 10:45:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Dudley,

Which of those firealls is the ISA firewall?

Thanks!
Tom

(in reply to udu)
Post #: 2
RE: Help needed with from external to internal and back... - 30.Jun.2005 2:35:00 AM   
udu

 

Posts: 6
Joined: 29.Jun.2005
From: South Africa
Status: offline
Oh oops [Razz]

The ISA machine is named Elogics-fire, I have managed to figure out that the problem was the ports I am allowing. Can you tell me, for domain trusting and file access do I need to add the ports as inbound and outbound ? as they are going into the firewall from external and into the internal network.

I am also thinking that a more secure solution would be to put an ISA box on the other side and create a vpn between the 2 offices.

PS.
Love your articles have helped me no end [Smile]

(in reply to udu)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> Network Infrastructure >> Help needed with from external to internal and back again firewall rules Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts