setting up isa server ip's

Unanswered Question
Apr 19th, 2006
User Badges:

I know this may be off topic but has anyone on her set up an isa server with 2 NICS, i just want to know the ip setup , people say they have an external public ip on the external interface, I would of thought it would of been an internal ip and just natted on the router or something, Can anyone tell me how they are normally set ? thanks


Carlos

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
pradeepde Tue, 04/25/2006 - 11:41
User Badges:
  • Bronze, 100 points or more

If a server with two NICs is to be used with a Pix - the NICs must be configured as stand alone NICs. If routing is turned on between the nics, it normally breaks communication as a packet will come into one nic and go out the other nic.


You will therefore not be able to "go to DMZ 1 to DMZ 2 by ISA rather than PIX".

If you do disable routing between the 2 NICs - you can then configure access by creating static translations from the lower security interface to the higher security interface.

You can then ensure security by restricting traffic that can access the interface with Access-Lists.


The following link shows how this is configured on a Pix;


http://www.cisco.com/warp/public/707/28.html



mlinzbach Tue, 04/25/2006 - 13:30
User Badges:

It all depends on your enviornment. MSFT would tell you to do the following:


1) have an outside NIC with a default gateway entry.

2) have an internal NIC without a default gateway entry.


The outside NIC would be connected to your ISP and the inside NIC would be your LAN segment.


Look here for an example.


http://www.isaserver.org/tutorials/Configuring_ISA_Server_Interface_Settings.html


HTH



Actions

This Discussion