Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
same network with two interfaces
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
same network with two interfaces - 30.Apr.2008 5:14:05 AM
|
|
|
HSeffers
Posts: 5
Joined: 25.Oct.2005
From: Dnsseldorf
Status: offline
|
Hello,
I need to prepare an ISA enviroment with the following network situation:
Interface 1: Internet
Interface 2: Internal network with these adresses
142.87.0.4, 142.87.0.6-142.87.255.255, 142.114.0.0-142.114.255.255, 142.115.0.0-142.115.255.255
Interface 3: other local network with these adresses: 142.1.0.0-142.86.255.255, 142.87.0.1-142.87.0.3, 142.88.0.0-142.113.255.255, 142.116.0.0-142.255.255.255
On the third interface ISA will get the 142.87.0.3 as ip adress. Behind this interface is another router with the ip 142.87.0.1. Behind this router is the rest of the 142.x network, except 142.87.x.x, 142.114.x.x and 142.115.x.x
Now I worry that the routing between the two internal networks wont work. I wont be able to test it before friday.
In fact we need to set the ISA firewall between these two networks.
Will this solution work? Do I have a major wrong thinking of this solution?
How to solve best, if this does nto work?
It would be great to get some input here. As well I am working with ISA Server for a few years now, I never had such a situation.
Thanks in advance for any input here
Regards,
Holger
< Message edited by HSeffers -- 30.Apr.2008 5:17:01 AM >
|
|
|
|
|
RE: same network with two interfaces - 30.Apr.2008 5:52:02 PM
|
|
|
pwindell
Posts: 782
Joined: 12.Apr.2004
From: Taylorville, IL
Status: offline
|
You have to have a good solid network design before you introduce ISA into it.
You do not appear to have that.
IP Segments should not be larger than 250-300 Hosts (like 255.255.255.0),...not 64,770 (255.255.0.0) hosts per segment as you have. Now you can supernet subnets together across backbones between routers but there is no indication you are doing that.
_____________________________
Phillip Windell
www.wandtv.com
|
|
|
|
|
RE: same network with two interfaces - 26.May2008 5:49:21 AM
|
|
|
HSeffers
Posts: 5
Joined: 25.Oct.2005
From: Dnsseldorf
Status: offline
|
Hello,
thanks for your answer.
But the network design is done by the VPN provider.
Each location gets its own network. Thing is, the implementation we have in this case is not our standard. Usually there is no ISA server, as all use a centralized internet gateway.
Anyway, I managed to make this work, as followed:
I added a static route for one host: 142.87.0.1 255.255.255.255 142.87.0.3
Then I added routes for all networks behind the router 142.87.0.1
I added one route to the rest of the network 142.87.0.0 pointing to the local network.
I added these networks to the networks within ISA server too, as well as the range 142.87.0.1-142.87.0.3to the DMZ network of ISA.
I just needed to add as static routes the two networks behind the local network 142.114.0.0 and 142.115.0.0 in the Routing&Ras console.
It didn't work in the command prompt.
Finally all is working.
HSeffers
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
