Hi Luq, 1. What are you trying to accomplish? 2. What have you done to achieve your goal? 3. What isn't working? 4. Do you have a network diagram? Thanks! Tom www.isaserver.org/shinder <http://www.isaserver.org/shinder> Tom and Deb Shinder's Configuring ISA Server 2004 http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> MVP -- ISA Firewalls ________________________________ From: Luqman Achmat [mailto:luqman@xxxxxxxxx] Sent: Wednesday, February 23, 2005 2:03 AM To: [ISAserver.org Discussion List] Subject: [isalist] ISA 2004 and remote internal networks http://www.ISAserver.org Greetings I am a newbie to ISA. We recently upgraded ISA2000 to ISA2004 (imported ISA2000 configs) and since the upgrade, the remote internal networks aren't able to access any of the local internal (headoffice) network resources (eg. mailserver on port25) nor external resources. The ISA 2004 server is the default gateway for all 'local network' Windows servers and clients. The remote networks are connected via routers to the head office. When I add a static route on a 'local windows server' for one of the remote networks to point directly to the router linking to the remote net (ie bypassing the ISA server for that remote net; not using ISA as default GW for that remote net), then connectivity works fine. Otherwise ISA server monitoring reports denied connections from the Windows server to the remote network source port (>1024). My ISA 'internal' network config includes all networks, local and remote. Full access is allowed from internal to internal. All client computers are still using the ISA2000 firewall client. What are we doing wrong? Internal Network Config: remoteoffice1 --> headoffice local network <-- remoteoffice2 HeadOffice is connected to the internet. The remote offices use the internet connection at the head office to access external resources. Your response/s will be appreciated. Regards -------------------- Luq A ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx