Help . . . . Mysterious DMZ problem
- From: "Miguel Harper" <piggyshark@xxxxxxxxxxx>
- To: isalist@xxxxxxxxxxxxx
- Date: Thu, 28 Feb 2002 03:35:49 -0700
I really thought this was going to be a stroll in the park compared to the
other stuff I had to do for ISA but I guess not. First off I really
liked the idea of the tri-homed setup for the DMZ. It was economical and
configuration would be kept to a minimum. Anyways, I set up the DMZ just
liked tom said in his tutorial. I used 2 public ip's which are on the
same subnet as the default external ip address of ISA. So you could say
that all the public IP's are on the same subnet 255.255.255.192. Speaking
of economical I first set up the DMZ using a crossover cable from the ISA
to the web server. The funny thing was I couldn't ping ISA from the
webserver. So at first I doubted myself and the configuration of the
crossover cable. So I decided to remove the cable and replace it with
10/100 hub and guess what I still couldn't ping the DMZ nic from the Web
Server. I can ping the DMZ nic from my internal network and ISA itself
but when I try form the webserver I get a request timed out. Just to
double check I asked the ISP to try and ping the DMZ ip and they couldn't
do it. I know it is not a hardware failure because all of the stuff that
I'm using now was working before.
I added all the ICMP packet filters possible for the DMZ nic and the
webserver nic. I also added DNS and Http packet filters for the DMZ and
the Web server. I also tried surfing from the web server but no luck it
just seems like the DMZ nic does not want to route inbound or outbound
packets. And yes IP routing and Packet filtering are enabled.
Does anyone out there have a clue. I would really appreciate it since I
just went through round 3 with OWA and finally got it working again.
Other related posts:
