• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Router between ISA server and Firewall Clients

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> Firewall Client >> Router between ISA server and Firewall Clients Page: [1]
Login
Message << Older Topic   Newer Topic >>
Router between ISA server and Firewall Clients - 25.May2005 7:43:00 PM   
mpkn3rd

 

Posts: 6
Joined: 13.May2005
Status: offline
I have just a seemingly simple question. But, have not been able to find an answer. If you have an ISA 2K4 server configured with the external interface being a public addr and internal interface is 10.0.0.2/8. Then there is a router between the ISA server and the internal network clients. The external interface of the router is 10.0.0.1/8 and the internal interface of the router is 192.168.1.2/24. All the clients on the internal network are in the same subnet of 192.168.1.XXX/24. The workstation clients have the router as the default gateway. I was wondering if the firewall client will work correctly even though there is a router in the middle.

I have been trying to get this to work and have not been successful as of yet. I am not sure of the reason, as I had thought that the firewall client was strictly TCP/IP. I have used the fwctool and it can ping the ISA server correctly. I can ping and resolve public FQDN's. But I enable the firewall client and the browser does not work. If I use the secureNAT setup on a client workstation the topology works fine.

I would really appreciate some advise as I am not coming up with too many more possible options. I am not sure I like the router being in the middle as I feel I will loseing some control with the ISA server's internal network just consist of the router's external interface. Any advice would be greatly appreciated.

Thank you.
Post #: 1
RE: Router between ISA server and Firewall Clients - 26.May2005 3:38:00 PM   
big_dazza

 

Posts: 506
Joined: 24.Apr.2003
Status: offline
Microsoft's official line is that there should be no hops between clients and ISA. Doubt if you'll find this documented. I got it from MS engineer. However, really their main concern is firewalls inbetween, and they do accept that routers will inevitably lie between.

Are your browsers setup as web proxy client? (i.e. using a auto config script)? If not, would recommend you try that. Type in the autoconfig settings of IE:

http://<ISAServer>:8080/array.dll?Get.Routing.Script

See if that works.

(in reply to mpkn3rd)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> Firewall Client >> Router between ISA server and Firewall Clients Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts