Why? I thought the same after I installed ISA2K4. I have three NICs, all DCs are behind the Internal network - the other subnets clients could not log on to the domain. With a little digging, and posted questions, Jim came back and said, yes, ISA2k4 will route - you must know what you want to route. Once I heard that, I was off setting up exactly what I wanted the different subnets to see with each other -- I prefer this method. I found different docs @ isaserver.org to help with the rules. I am in and environment that consist of ad-hoc wireless users - much like a t-mobile hotspot, we do not control the clients -- we just give them free access; public (USAF) library that consist of thin-clients (TC); and PC workstations. These TC's sit behind internal network 1 and the terminal servers (TS) sit behind the Internal network. I had to create rules so that the internal network clients could communicate with the Internal network. I configured LDAP, DNS, and other protocols so the TCs and fat-clients can connect/authenticate to the TS and domain controllers. ISA2k4 allowed me to control which ip range could attach to the TS. This way if a perceptive user accessed the TC configuration, ISA2k4 only allowed RDP access to one clustered ip address. ISA2k4 allowed me to lockdown the network more so than ISA2k. Have fun! greg ________________________________ From: Tiago de Aviz [mailto:Tiago@xxxxxxxxxxxxxxx] Sent: Monday, January 10, 2005 9:31 AM To: [ISAserver.org Discussion List] Subject: RES: [isalist] RE: ISA Ain't No Router Me and a couple of customers want this feature back too! =) Now I cant't upgrade them =(( Tiago -----Mensagem original----- De: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] Enviada: seg 1/10/2005 12:17 Para: [ISAserver.org Discussion List] Cc: Assunto: [isalist] RE: ISA Ain't No Router http://www.ISAserver.org Unfortunately, we also had a LARGE customer that was quite upset about the issue. I had to write that because they wanted "the old behavior". ..now it's documented... Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! -----Original Message----- From: Gabriel O. Zabal [mailto:gabriel@xxxxxxxxxx] Sent: Monday, January 10, 2005 2:13 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: ISA Ain't No Router http://www.ISAserver.org Thanks Jim, nice article. I know that about ISA2004 because I upgraded a scenario just like that, where they were using ISA2000, and it was forwarding packets with no problems. Now I have no doubt about the issue :-) Gabriel ________________________________ De: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Enviado el: Lunes, 10 de Enero de 2005 12:19 a.m. Para: [ISAserver.org Discussion List] Asunto: [isalist] RE: ISA Ain't No Router http://www.ISAserver.org Hi Jim, Good one. Should have thought of that. Tom www.isaserver.org/shinder <http://www.isaserver.org/shinder> Tom and Deb Shinder's Configuring ISA Server 2004 http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> MVP -- ISA Firewalls ________________________________ From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] Sent: Sunday, January 09, 2005 11:46 AM To: [ISAserver.org Discussion List] Subject: [isalist] ISA Ain't No Router http://www.ISAserver.org ..couldn't remember if this had been posted to the list or not... http://support.microsoft.com/?id=888042 Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: gabriel@xxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tiago@xxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx