Internet Access

Answered Question
May 15th, 2010
User Badges:

Hello Dear's,


I m confuse always regarding the simple question but i want to confirm??


Please find the attached diagram:


If my ISA server has 2 NIC cards,internal and External,external NIC has a public IP and is connecting to Internet Router,and internal is connecting to LAN Switch do i have to do Natting overload on the internet router for internal users ??????????????? the Internet router has default route to the  ISP router,


I think NO i don't have to do natting because ISA is doing a routing between the 2 NIC's, correct me if i m wrong.???


2nd Scenario,


If i keep my ISA ONLY with Internal LAN IP Subnet no external NIC and if i do a natting overload on internet router for users accessing internet would users will be able to go on the internet??????? The users should go on the internet,correct me if i m wrong.???


I would have tried this but production will affect,so i want to confirm from your'll.


Thanks,


Message was edited by: adamgibs7

Correct Answer by Jennifer Halim about 7 years 1 week ago

If your ISA server has 2 NICs (external and internal), you would need to perform NAT on the ISA server so traffic going through the ISA server will be PATed to the external ip address of the ISA server before being routed towards the internet router. In this case, your internet router does not need to perform NAT/PAT. Connection between the ISA server external interface and the internet router will be the public subnet range.


If you only have 1 NIC on your ISA server, ie: internal subnet, then internet router needs to be configured to perform the NAT/PAT. In this case, the connection between the ISA server internal interface and the internet router will be the private/internal subnet range.


Hope that helps.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Jennifer Halim Sat, 05/15/2010 - 05:01
User Badges:
  • Cisco Employee,

If your ISA server has 2 NICs (external and internal), you would need to perform NAT on the ISA server so traffic going through the ISA server will be PATed to the external ip address of the ISA server before being routed towards the internet router. In this case, your internet router does not need to perform NAT/PAT. Connection between the ISA server external interface and the internet router will be the public subnet range.


If you only have 1 NIC on your ISA server, ie: internal subnet, then internet router needs to be configured to perform the NAT/PAT. In this case, the connection between the ISA server internal interface and the internet router will be the private/internal subnet range.


Hope that helps.

adamgibs7 Sat, 05/15/2010 - 05:29
User Badges:

Thanks halijenn,


In 1st Scenario,


The ISA server is acting as Proxy server (users configuring ISA IP address in thier browser) and as well as a Firewall facing the internet,correct me if i m wrong???


In 2nd Scenario,


Means when users configure the proxy server (ISA Server) Ip Address in their browser.The ISA server is acting as a proxy server for the  Internet ONLY with no firewall security. OR its optional also we can configure as a proxy server and firewall security feature's when the ISA is in inside LAN too.


Thanks

Actions

This Discussion