First of all, thanks to anyone who will care,read or answer to my message.
We (the company i'm working for) are planning to move from MS Proxy 2.0 to ISA (also changing from nt 4.0 to 2000 for this box.) No migration, a fresh, clean, new install...
So, for the last 2 weeks i've been testing a LOT of issues with this product, on a test server.
We do not really have a DMZ zone, since all publications are on the isa server itself. However, the machine is behind a Cisco PIX Firewall, so let's say the external isa NIC is a strange sort of DMZ.
I need to set up this proxy/firewall on a win 2000, wich will be domain controller (back-up), and where will be our public services: external DNS, and IIS web hosting. The Firewall should also allow standart stuff (SMTP for exchange, ftp, etc...) and also accept at least 10 incomming connections of PC Anywhere and 10 incomming connections of Terminal Server.
I know that those two last topics have been discussed in the learning zone (documents that i have read over and over) but my config is way more complicated than those one ip publishing setups.
I first got the clients to work fine and the web proxy and firewall to controll all outgoing connections.
Then, i managed to publish (not without problems) the web sites (17) hosted on the same server. With the web publishing rules pointing to port 1200 of the internal network card IPs (one for each site). this finnaly work fine.
I then had to publish DNS wich worked too.
Now i'm at this PC Anywhere problem, and just can't get it to work with more than one connection.(will it be the same with Terminal Server?)
I created of course the protocol definitions, then the publishing rules and the IP packet filters.
So, to finally get to the point, i would like a few answers to those questions
1-do i need to set up the firewall client on the PC Anywhere hosts to bind ports ?
2-should i use different protocol definitions for every hosts i want to publish (4 for each)?
3-Do i absolutely need to set ip packet filters?
4-Is it correct to use one external ip address (on the isa) for each host i wanna publish, or can i get PC Anywhere to use different ports?
5- And finnaly, is there, with your experience and the explanations i'm giving, something i'm doing wrong?
If someone has already published those kind of services in such a melting pot, please let me know how exactlly you had the configuration done. Here for the benefits of others technicians, or directly to my e-mail if you need more info on my setup at firstname.lastname@example.org.
your computer guy...