I have been experimenting with a lab ISA server and found some interesting things which I hope you can assist with.
I wanted to see if I could get ISA sever to work as a firewall with 1 physical nic. I came to the conclusion, after reading the message boards and Tom's articles That ISA server can only function as a firewall with 2 nics 1 external, 1 internal.
So I installed 1 physical nic connected to the network,bound a IP and dubbed it internal in the LAT I then installed a Dummy Software Adapter ( MS loopback adapter) and bound a external IP, thus emulating an external interface.
It seemed to work as everything was blocked until I setup the relevant packet filter to allow me to access to services on the 'internal' interface, which where Terminal services, HTTP ,SMTP and FTP.
Here is the setup
1.) ISA server( SP1,FP1 and all patches) , Win2k Server (SP4) 2.) 1 Physical NIC, connected to the network (Internal), included in LAT 3.) 1 Software NIC, External IP. 4.) Packet Filtering
Although this is working now in the LAB, could this be pulled off in the production environment, without using a back to back setup.
Here is the real life scenorio I needed to emulate :
1.) Web server connected directly to the internet ( 1 Physical Nic), hosted at an ISP who don't provide Firewall services. 2.) No resources for a back to back config.
I would appreciate any help Thanks in advance -P.S Thanks for the great site !