
Welcome to ISAserver.org


2 internal networks (on separate NICs) and 1 external.. policy problems internally..

2 internal networks (on separate NICs) and 1 external..... - 3.Aug.2005 4:58:00 PM
hobogloves

 

Posts: 1
Joined: 3.Aug.2005
This has been very frustrating. Here is my setup:

2 internal networks (1 wired and 1 wireless, on separate NICs on the ISA server) and 1 external (internet, another NIC). We are implementing a new wireless infrastructure that will be used by many guests and our staff. We want the ability to restrict the guests to only internet access (and none of our internal servers and intranet at all), but give our staff the ability to have the exact same access they get wired in their office (to internal servers, intranet etc.). After extensive testing with ISA Server 2004, this has become quite the task.

The problem lies in the firewall policies. Everything works fine when setting up policies from Wireless->Internal when using the "ALL USERS" group (file browsing on servers, email/Exchange, intranet etc.). However, when specifying a user or group in our AD in these rules (Wireless->Internal), it simply does NOT work. I will add my AD user acct to a rule (i.e. access to port 80 on our internal network from the wireless network) and it does not work. If the "ALL USERS" group is added to this same rule it works fine. So, I cannot restrict guests' wireless access... It is not a routing issue or anything, obviously, because when using the "ALL USERS" group it works fine... For some reason authentication between the wireless and internal network is just simply not working. It is worth noting that authentication DOES work from the wireless network -> External (internet).....

Any help at all would be greatly appreciated as this setup seems quite unique (can't find anything similar at all where someone wants to restrict access between 2 internal networks).
Post #: 1
RE: 2 internal networks (on separate NICs) and 1 extern... - 4.Aug.2005 3:27:00 AM
steavg

 

Posts: 175
Joined: 29.Jan.2004
From: Belgium
Hi Brock,

How do your clients connect to the ISA? Are they Secure-NAT clients, Web Proxy or Firewall clients?

Txs

Stefan

(in reply to hobogloves)
Post #: 2
