Re: DMZ and Ping

  • From: "cismic" <cismic@xxxxxxx>
  • To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 29 Aug 2001 01:13:18 -0700

Jim,
 
The LAT contains only the very internal ip address that I set up.  
 
After doing some more reading, I finally added a host file to my web
machine that points to the external interface of my internal ISA server
machine.
I then created a protocol definition 1433 TCP Inbound with secondary
connections for 
1024 -65534 Outbound
1433 TCP Outbound
1434 UDP Send
1434 UDP Receive
 
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/adminsq
l/ad_1_server_1zuc.asp
I also looked at KB article Q287932 for additional information.
 
I set my SQL machine to be integrated security which seems to work great
with this setup.
 
Once I had the hosts file in place I was able to create a systems DSN
that I was able to use to connect to the sql machine on the internal
network.
After changing a few web pages and the global.asa and global.asax files
things were working great!
 
 
Your answer gave me the additional food for thought!
 
Thank you,
 
Joseph
 
-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] 
Sent: Tuesday, August 28, 2001 3:30 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: DMZ and Ping
 
http://www.ISAserver.org
Only if you have an app that expects to ping the server it talks to.
Either way, you'll never ping a LAT member from a non-LAT IP.
What IP is associated with the LAT server; internal IP or ISA gateway?

Jim Harrison
MCP(2K), A+, Network+, PCG
----- Original Message ----- 
From: cismic <mailto:cismic@xxxxxxx>  
To: [ISAserver.org <mailto:isalist@xxxxxxxxxxxxx>  Discussion List] 
Sent: Tuesday, August 28, 2001 1:13 PM
Subject: [isalist] DMZ and Ping
 
http://www.ISAserver.org
Hello,
 
In a back to back configuration.  Is it advisable to allow pinging to
the external interface of the internal isa machine?
I'm still having difficulties when trying to access the internal sql
machine from the web machine located in the dmz.
I added a hosts file entry pointing to the internal machine but with out
success.
 
Thank you,
 
Joseph
 
 
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
cismic@xxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 08-2001