Re: Howto make ISA server a VPN client
- From: "Steve Moffat" <steve@xxxxxxxxxxxxxxx>
- To: "Isa List" <isalist@xxxxxxxxxxxxx>
- Date: Tue, 25 Mar 2003 11:44:35 -0000
Where's the amusement??, Looks all serious to me.
Steve
-----Original Message-----
From: Mark Hippenstiel [mailto:m.hippenstiel@xxxxxxxxxxxx]
Sent: Tuesday, March 25, 2003 4:02 AM
To: Isa List
Subject: [isalist] Re: Howto make ISA server a VPN client
http://www.ISAserver.org
Good morning,
Well I'm happy to see that I can contribute some amusement :) I think I
will have to explain the problem in more detail to shed a light on this.
The thing is, I don't really know enough about configuring a unix
machine to deliver mails, that's entirely up to my provider. There's two
providers we're talking about, one being the one to supply dial up
access, the other one a smaller company which does web, mail and DNS
hosting. This one's a friend of mine, and I wanted to switch to SMTP
delivery a) to get rid of all the spam I receive and b) to come closer
to a real life scenario with my exchange server which I need to do some
lab work and testing.
So the question was how to make this work. I said that ETRN was not an
option because it does not "open" a communication than rather triggering
a second connection. After I did some reading, I am not too shure
altogether if that's true. But anyway that's what my provider said. If
it's not that way and ETRN does initiate a communication, then Jim's
right and this would be a way to go. The FQDN could be provided by a
DDNS server.
The idea of making a vpn connection of some kind came from a similar
setup with a dedicated ip and a dial-up connection. In that scenario,
the customer's (i.e. my) server is the primary mx and the provider is
the secondary mx. Using VPN would make any auth on the smtp side
obsolete and means very little configuration, because my provider would
only have to make my internal ip address the primary mx. You get the
picture?
Jim wrote that ISA NAT doesn't handle IPSec - that would apply only if
the VPN connection is made from the exchange server right? That's why I
thought I might go this way:
Exchange - ISA|VPN start - internet - VPN end|mail provider
Not an option I guess, huh?
One more thing I'd like to say: it's a good thing that there is such a
list where one can have his problems discussed, and I really do
appreciate your help. But for instance in this thread, I didn't really
get an answer to my original questions. I mean, this could be a problem
of communication, I sometimes think that I don't express myself clear
enough - of course english is not my native language, maybe that's the
reason. The ETRN problem left aside, it could be any other scenario
involving VPN and I asked the question to get a better understanding on
what's possible and some feedback. It would be great if one of you could
write a couple of lines.
Thanks for listing
Mark
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/ Windows
Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT
Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
steve@xxxxxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')
This E-Mail is confidential. It is not intended to be read, copied, disclosed
or used by any person other than the intended recipients.
Unauthorised use, disclosure, or copying is strictly prohibited and may be
unlawful. Optimum Computer Solutions disclaims any liability for any action
taken in connection of this E-Mail. The comments or statements expressed in
this E-Mail are not necessarily those of Optimum Computer Solutions or its
subsidiaries or affiliates.
usermanager@xxxxxxxxxxxxxxx
Other related posts:
