Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Internet Access

Hello Dear's,

I m confuse always regarding the simple question but i want to confirm??

Please find the attached diagram:

If my ISA server has 2 NIC cards,internal and External,external NIC has a public IP and is connecting to Internet Router,and internal is connecting to LAN Switch do i have to do Natting overload on the internet router for internal users ??????????????? the Internet router has default route to the  ISP router,

I think NO i don't have to do natting because ISA is doing a routing between the 2 NIC's, correct me if i m wrong.???

2nd Scenario,

If i keep my ISA ONLY with Internal LAN IP Subnet no external NIC and if i do a natting overload on internet router for users accessing internet would users will be able to go on the internet??????? The users should go on the internet,correct me if i m wrong.???

I would have tried this but production will affect,so i want to confirm from your'll.

Thanks,

Message was edited by: adamgibs7

1 ACCEPTED SOLUTION

Accepted Solutions
Super Bronze

Re: Internet Access

If your ISA server has 2 NICs (external and internal), you would need to perform NAT on the ISA server so traffic going through the ISA server will be PATed to the external ip address of the ISA server before being routed towards the internet router. In this case, your internet router does not need to perform NAT/PAT. Connection between the ISA server external interface and the internet router will be the public subnet range.

If you only have 1 NIC on your ISA server, ie: internal subnet, then internet router needs to be configured to perform the NAT/PAT. In this case, the connection between the ISA server internal interface and the internet router will be the private/internal subnet range.

Hope that helps.

2 REPLIES
Super Bronze

Re: Internet Access

If your ISA server has 2 NICs (external and internal), you would need to perform NAT on the ISA server so traffic going through the ISA server will be PATed to the external ip address of the ISA server before being routed towards the internet router. In this case, your internet router does not need to perform NAT/PAT. Connection between the ISA server external interface and the internet router will be the public subnet range.

If you only have 1 NIC on your ISA server, ie: internal subnet, then internet router needs to be configured to perform the NAT/PAT. In this case, the connection between the ISA server internal interface and the internet router will be the private/internal subnet range.

Hope that helps.

New Member

Re: Internet Access

Thanks halijenn,

In 1st Scenario,

The ISA server is acting as Proxy server (users configuring ISA IP address in thier browser) and as well as a Firewall facing the internet,correct me if i m wrong???

In 2nd Scenario,

Means when users configure the proxy server (ISA Server) Ip Address in their browser.The ISA server is acting as a proxy server for the  Internet ONLY with no firewall security. OR its optional also we can configure as a proxy server and firewall security feature's when the ISA is in inside LAN too.

Thanks

144
Views
0
Helpful
2
Replies