- Green, 3000 points or more
Very small setup like this:
LAN ---- ISA ---- Internet
They have a 1841 that want to put between the ISA and the Internet.
So the setup now is like this:
LAN ---- ISA ----1841 --- Internet
In the first scenario (without the router), they have e-mail, ftp, web and other services being handled by the ISA server.
They have a single public IP which redirects all incoming traffic based on DNS and permits outgoing traffic also based on firewall rules.
They also have a VPN to a Linksys router in another office.
Here's the problem....
When placing the router, the VPN won't work at all and inbound traffic seems to have intermittent problems also.
The 1841 is just configured to redirect traffic based on ports to the ISA, i.e
ip nat inside source static tcp 10.1.1.1 80 PUBLIC_IP 80
ip nat inside source static tcp 10.1.1.1 25 PUBLIC_IP 25
In the first scenario everything is handle by the ISA and it works, in the second scenario NAT is done by the 1841 (has the public IP).
I don't see any reason why this would not work but its not working.
I don't have access to the ISA, but all traffic is passing through the router correctly as I did captures/debugs.
My question is...
Is there any problem about removing the public IP from the ISA and assigning it a private IP (so the public IP is on the router now).
I've done things like this a lot of times with cisco equipment, but I'm pretty sure something the ISA is not liking something and causing problems.
Any comment will be appreciated.