I am trying to split my 2 NICs up for internal and external communications so I can get the ISA firewall functionality that provides. My problem is that the server is not actually in a firewall situation. We have Cisco firewalls and the powers-that-be will not allow ISA to act as a REAL firewall.
Due to this, both NICs reside in the same subnet. I don't seem to be able to access anything, and I believe it is due to this. I tried caching mode, but ISA is limited in this configuration. Is there any way for me to get the functionality that the firewall provides without creating another vlan for the external card?
I was able to get it working by following some of the best practices noted in Tom Shinder's "ISA Firewall Best Practices, Tips and Tricks" article. After removing the default gateway from the internal card, removing DNS from the external card, and adding some routes for access internally, it all worked.
It did not resolve an issue that I was hoping it would, though. Streamed media (any type) does not seem to work. All other access works so far, though.
From: Stockholm / Sweden
Streaming media have alot of threads in the forums and it seems that it all dempends of what kind of streaming media you would like to use. Install the firewall client on your clients and make a rule to allow the protocols thru the ISA Firewall, if that dosen't fix your problem do a search in the forums on "Streaming Media" and you will get alot of questions and answers. Hopfully it will helt you to solve your problems.
This actually ended up being a SurfControl issue. If anybody is having trouble getting streamed media working and you are using SurfControl WebFilter v5.0, install HotFix 1 for SurfControl v5.0 (Requires SurfControl SP1).
The fix is for several issues unrelated to streaming media. However, it fixed all my streaming media problems as well as a McAfee EPO communication issue.
Even though this didn't have anything to do with the firewall functionality, I will be creating a new vlan for the second (External) NIC.
Thanks Rickardn and spouseele for your suggestions.