RE: DMZ Subnet

  • From: "John Tolmachoff \(Lists\)" <johnlist@xxxxxxxxxxxxxxxxxxx>
  • To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
  • Date: Fri, 5 Sep 2003 11:56:18 -0700

It will not work. 

You have to properly subnet your assigned block to have public IP in DMZ. 

At a minimum, you would need a 240 block, with 16 IP assigned as follows:

.0      240     not usable
.1      240     ISP router
.2      248     ISP router internal
.3      248     External of ISA
.4      248     available
.5      248     available
.6      248     available
.7      248     not usable
.8      248     not usable
.9      248     ISA DMZ
.10-.15 248     available for DMZ
.16     248     not usable

John Tolmachoff MCSE CSSA
Engineer/Consultant
eServices For You
www.eservicesforyou.com


> -----Original Message-----
> From: Tom Mendelboim [mailto:tomerm1@xxxxxxx]
> Sent: Friday, September 05, 2003 9:57 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] DMZ Subnet
> 
> http://www.ISAserver.org
> 
> 
> Hi everyone,
> 
> I would like to know if what I want to do will work...
> 
> I have ISA with 3 interfaces. Inside, outside and one of them is a DMZ. I
have
> received 2 IP addresses from my provider. I would like to use one IP on
the outside
> interface and one IP on the DMZ with a subnet mask of 255.255.255.255.
> 
> Will that work in a sense that any packets not beloging to the DMZ will be
routed
> correctly? I have to do something like that since the ISP gives me only 2
IP
> addresses...
> 
> Thank you all,
> 
> Tom
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> johnlist@xxxxxxxxxxxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 09-2003