• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Firewall Client with SecureNAT Network Topography

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2000 Firewall] >> Firewall Client >> Firewall Client with SecureNAT Network Topography Page: [1]
Login
Message << Older Topic   Newer Topic >>
Firewall Client with SecureNAT Network Topography - 22.Mar.2003 3:29:00 PM   
elroyjetson

 

Posts: 18
Joined: 20.Mar.2003
From: Lansing
Status: offline 		I am learning Exchange Server on my home network. I'd like to use ISA to provide firewall protection to my network. So, I envision having my external Internet connection come into NIC 1 of my ISA computer and then have my internal NIC 2 attach to my LinkSys 4 port router, with our 2 desktops and 2 laptops connecting through the router.

The box I am running ISA on will also have Exchange 2000 running on it. I'd like to expose this box to the internet because my router makes Outlook Web Access connectivity very difficult. My intent is to use ISA to protect this computer.

I would like to be able to use the Firewall Client because I want to be able to do user-based and group-based security. However, what confuses me is that in Shinder's book, "Configuring ISA Server 2000," the network topography I described above seems associated with SecureNAT rather than the firewall client (e.g. Figure 4.2 on pg 212 is closest to my planned configuration except I don't plan on a DMZ as a separate DMZ'ed network segment).

So, my question is this: Can I use this planned network layout with the Firewall Client? If so, what other issues do I need to be aware of?
Post #: 1
RE: Firewall Client with SecureNAT Network Topography - 22.Mar.2003 8:27:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline 		Hi Elroy,

Pg 212 shows a trihomed DMZ, which is not what you want.

Since you have a simple network, you don't need a router. Just plug the internal interface of the ISA Server to a hub or switch, and plug all the machines to the hub/switch.

You don't mention what you're using as an external interface, but it shouldn't be anywhere near the hub/switch you're using on the internal network. The internal and external networks must be physically disconnected so that the only way between them is through the ISA Server.

HTH,
Tom

(in reply to elroyjetson)
Post #: 2
RE: Firewall Client with SecureNAT Network Topography - 25.Mar.2003 4:15:00 PM   
elroyjetson

 

Posts: 18
Joined: 20.Mar.2003
From: Lansing
Status: offline 		The only reason why I mention a router is that is the hardware I already have. Does using a router instead of a hub cause problems for the network layout I want to use?

(in reply to elroyjetson)
Post #: 3
RE: Firewall Client with SecureNAT Network Topography - 25.Mar.2003 4:16:00 PM   
elroyjetson

 

Posts: 18
Joined: 20.Mar.2003
From: Lansing
Status: offline 		Oh and by the way Tom, thanks for the help.

(in reply to elroyjetson)
Post #: 4

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2000 Firewall] >> Firewall Client >> Firewall Client with SecureNAT Network Topography Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts