RE: Back 2 Back

  • From: "Goktug Yildirim" <yildirim@xxxxxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 6 Feb 2002 15:50:18 +0200

I have read that article too. I have a port list that is to be opened.
Also, I guessed that I must use server publishing rules.
But there is a point here that I do not have any idea about: how to manage the
DNS records? How can I use my internal DNS server? Of course, by
publishing it. However, if you publish DNS and the DMZ server asks for any DC
record, it will get an internal IP like 192.168.4.2, and because ISA cannot
(I guess so) route back (from DMZ to internal), the DMZ server cannot
access the internal DC.
At this point I think I fool the DMZ server by using a DMZ DNS server
and manually configuring all related records. But this is not a solution
if you have many records to add.
I hope there is a more flexible solution than publishing each of the
related ports and manually configuring DNS records.
 
        -----Original Message-----
        From: Lippman, Michael [mailto:Michael.Lippman@xxxxxxxxxxxxxxxx]

        Sent: Wednesday, February 06, 2002 2:57 PM
        To: [ISAserver.org Discussion List]
        Subject: [isalist] RE: Back 2 Back
        
        
        
        
        I am working on this as well. There is a good TechNet article
        that deals with MS Exchange 2000. It addresses what needs to be open
        for Exchange, which also deals with Active Directory. Just go to TechNet
        and type front end back end exchange server and you will get the white
        paper.
         
        You publish the servers on your internal network to the DMZ.
         
         
        MRL
         
        -----Original Message-----
        From: Goktug Yildirim [mailto:yildirim@xxxxxxxxxxxxxxx] 
        Sent: Tuesday, February 05, 2002 6:11 AM
        To: [ISAserver.org Discussion List]
        Subject: [isalist] Back 2 Back
         
        Hello,
        How do I configure a server in a back2back DMZ zone to reach a
        service in the internal network? Do I have to create IP packet filters
        or do I have to publish all the necessary servers in the internal
        network?
        I think going on an example will make it simple: I have a server
        in the back2back DMZ and I want this specific server to reach all the
        related Active Directory servers at the enterprise through the internal ISA
        server. What is the specific configuration on the internal ISA server?
        Thanks for any comment,
        Goktug