RE: DMZ perimeter network works withOUT a packet filter

  • From: "Thomas W. Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Fri, 25 Jan 2002 04:00:04 -0600

Hi Nigel,

It's certainly been true on all the ISA Servers that I've worked with
that had a trihomed DMZ configuration and public addresses on the DMZ
segment. Protocol rules only affect communications between LAT clients
and the Internet. So, I have to assume that your LAT is whack, or
something else is causing this odd behavior.

HTH,
Tom
www.isaserver.org/shinder


-----Original Message-----
From: Nigel Carroll [mailto:nigel@xxxxxxxxxxxxxxx] 
Sent: Friday, January 25, 2002 3:05 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: DMZ perimeter network works withOUT a packet
filter


If true (and I wouldn't doubt you Tom ;-) then my multihomed
public/private internal NIC must be seen by ISA as one private network
(even though public subnet not in LAT) since the protocol rule is
DEFINITELY required before I can get anything out from my public DMZ
subnet other than ICMP.
Would you say that that is a possible explanation, i.e. ISA is treating
them as one private network?

Nigel

-----Original Message-----
From: Thomas W. Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx]
Sent: Friday, 25 January 2002 3:38
Subject: RE: DMZ perimeter network works withOUT a packet filter


Hi Nigel,

Protocol Rules have *no* effect on routing packets between the network
and the public DMZ segment.

HTH,
Tom
