Multiple internet connections in a DMZ

Multiple internet connections in a DMZ (Full Version)

All Forums >> [ISA Server 2000 Firewall] >> DMZ

Message

xlagerwaard -> Multiple internet connections in a DMZ (7.Aug.2003 11:16:00 AM)
I have 2 different dsl internet connections. I want to use 1 connection for all citrix traffic and the other connection for all other traffic. In my ISAserver i have 3 nics. 1 on the LAN, 2 in a DMZ with the private ipnr's 192.168.1.1 and 192.168.1.2. I have 2 draytek routers. On the LAN interface of draytek1 the ipnr = 192.168.1.3 and on the LAN interface of draytek2 the ipnr = 192.168.1.4. Both draytek routers have public ip adresses on there WAN interface. On the isaserver if you type route print in a command box you see: 0.0.0.0 0.0.0.0 192.168.1.3 192.168.1.1 0.0.0.0 0.0.0.0 192.168.1.4 192.168.1.2 0.0.0.0 0.0.0.0 LAN gateway LAN interface If i connect to the public ipadres on draytek1 on port 1494 (citrix) i get connected to ipdres 192.168.1.1 on port 1494 and the ISAserver connects me to the citrix server on the local lan. This works fine as long as remove the default gateways from the LAN interface and 192.168.1.2. So you only have 0.0.0.0 0.0.0.0 192.168.1.3 192.168.1.1 left as the default route of the ISA server. YEAH ! it works, but.... If i want to use HTTP from an pc on the LAN it works fine, but it uses draytek1 and it should be using draytek2. We used Wingate before in the exact same configuration and all worked fine. In Wingate you can say "if you receive traffic on the LAN interface on port 8080, route it via interface 192.168.1.2" On interface 192.168.1.2 the default route is draytek2 and that worked perfect. How can i use ISAserver to split my traffic as i used to do with Wingate? Thanks in advance, Xander Lagerwaard

spouseele -> RE: Multiple internet connections in a DMZ (7.Aug.2003 10:07:00 PM)
Hi Xander, first of all, NEVER put a default gateway on the ISA internal interface. Check out http://www.isaserver.org/tutorials/Configuring_ISA_Server_Interface_Settings.html for more info. Secondly, out of the box ISA server supports only ONE external interface. The external interface is the interface with the default gateway set. If you need more external interfaces, check out http://www.isaserver.org/software/ISA/High_Avail._&_Load_Bal./ . HTH, Stefaan

xlagerwaard -> RE: Multiple internet connections in a DMZ (8.Aug.2003 10:31:00 AM)
Hi Stefaan, First: Thnx. Somehow I missed that, but solved by manually deleting the additional default routes Secondly: Thnx! RainConnect looks like the product I need to solve the problem. Do you know any other products (in combination with ISA of course) with which I could do the same, or is RainConnect the only 1 ? Do you have any experience with RainConnect? If so I would like your opinion (or from any1 who knows RainConnect) about RainConnect.

spouseele -> RE: Multiple internet connections in a DMZ (8.Aug.2003 11:15:00 PM)
Hi Xander, I don't have first hand experience with RainConnect (yet). But from what I hear from Tom Shinder, he likes very much the product and technical support. Moreover, it seems to be the cheapest solution for ISA server. Drop him a mail at tshinder@isaserver.org and I'm sure he will respond. HTH, Stefaan

tshinder -> RE: Multiple internet connections in a DMZ (9.Aug.2003 4:49:00 PM)
Hey guys, Yes, RainConnect works great! However, the one limitation that product has, that I hope they fix soon, is the Exchange RPC publishing. HTH, Tom

xlagerwaard -> RE: Multiple internet connections in a DMZ (11.Aug.2003 10:04:00 AM)
Hi Tom, Stefaan, Thanks for your response. Since I want to use the Exchange RPC publishing feature in ISAServer, I would like to know what limitations I'm going to encounter if I install RainConnect ? Bye the way.... HTH means "Hope this helps", or ??? never seen this abbreviation before Thanks, Xander

xlagerwaard -> RE: Multiple internet connections in a DMZ (15.Aug.2003 9:58:00 PM)
Hi Tom, What limitations am I going to encounter if I install RainConnect? Exchange RPC publishing will not work at all, or ? Thanks, Xander

xlagerwaard -> RE: Multiple internet connections in a DMZ (26.Aug.2003 5:32:00 PM)
Hi Tom, Could you please inform me about the limitations I am going to encounter if I install RainConnect? If Exchange RPC publishing won't work with RainConnect I would really like to know. Thanks, Xander Lagerwaard [ August 27, 2003, 05:43 PM: Message edited by: Xander Lagerwaard ]

spouseele -> RE: Multiple internet connections in a DMZ (28.Aug.2003 11:11:00 PM)
Hi Xander, I can't answer that one but, why not drop RainConnect a call or email to find it out? HTH, Stefaan

xlagerwaard -> RE: Multiple internet connections in a DMZ (29.Aug.2003 11:27:00 AM)
Hi Stefaan, I already contacted Rainfinity (via e-mail) and asked if they are aware of any issue with Exchange RPC publishing in combination with Rainconnect. Ross Asquith (technical manager at Rainfinity) told me that there are no issue's that they know off. Now i'm wondering what the issue is Tom mentioned in his response, so i can confront Ross Asquith at Rainfinity with the issue that Tom found. So Tom, please respond, thanks. Xander

spouseele -> RE: Multiple internet connections in a DMZ (29.Aug.2003 4:59:00 PM)
Hi Xander, I will drop Tom an email for this topic. HTH, Stefaan

Page: [1]