RE: ISA Ain't No Router

  • From: "Crockett, Gregory" <Gregory.Crockett@xxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Mon, 10 Jan 2005 10:09:29 -0600

Why?  I thought the same after I installed ISA2K4.  I have three NICs,
all DCs are behind the Internal network - the other subnets clients
could not log on to the domain.  With a little digging, and posted
questions, Jim came back and said, yes, ISA2k4 will route - you must
know what you want to route.  Once I heard that, I was off setting up
exactly what I wanted the different subnets to see with each other -- I
prefer this method.  I found different docs @ isaserver.org to help with
the rules.  I am in and environment that consist of ad-hoc wireless
users - much like a t-mobile hotspot, we do not control the clients --
we just give them free access; public (USAF) library that consist of
thin-clients (TC); and PC workstations.  These TC's sit behind internal
network 1 and the terminal servers (TS) sit behind the Internal network.
I had to create rules so that the internal network clients could
communicate with the Internal network.  I configured LDAP, DNS, and
other protocols so the TCs and fat-clients can connect/authenticate to
the TS and domain controllers.  ISA2k4 allowed me to control which ip
range could attach to the TS.  This way if a perceptive user accessed
the TC configuration, ISA2k4 only allowed RDP access to one clustered ip
address.

 

ISA2k4 allowed me to lockdown the network more so than ISA2k.

 

Have fun!

 

greg

 

________________________________

From: Tiago de Aviz [mailto:Tiago@xxxxxxxxxxxxxxx] 
Sent: Monday, January 10, 2005 9:31 AM
To: [ISAserver.org Discussion List]
Subject: RES: [isalist] RE: ISA Ain't No Router

 

Me and a couple of customers want this feature back too! =)

 

Now I cant't upgrade them =((

 

Tiago

        -----Mensagem original----- 
        De: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] 
        Enviada: seg 1/10/2005 12:17 
        Para: [ISAserver.org Discussion List] 
        Cc: 
        Assunto: [isalist] RE: ISA Ain't No Router

        http://www.ISAserver.org
        
        Unfortunately, we also had a LARGE customer that was quite upset
about
        the issue.
        I had to write that because they wanted "the old behavior".
        ..now it's documented...
        
          Jim Harrison
          MCP(NT4, W2K), A+, Network+, PCG
          http://isaserver.org/Jim_Harrison/
          http://isatools.org
          Read the help / books / articles!
        
        
        
        -----Original Message-----
        From: Gabriel O. Zabal [mailto:gabriel@xxxxxxxxxx]
        Sent: Monday, January 10, 2005 2:13 AM
        To: [ISAserver.org Discussion List]
        Subject: [isalist] RE: ISA Ain't No Router
        
        http://www.ISAserver.org
        
        
        Thanks Jim, nice article.
        
        I know that about ISA2004 because I upgraded a scenario just
like that,
        where they were using ISA2000, and it was forwarding packets
with no
        problems.
        
        Now I have no doubt about the issue :-)
        
        
        
        Gabriel
        
        
        
        ________________________________
        
        De: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
        Enviado el: Lunes, 10 de Enero de 2005 12:19 a.m.
        Para: [ISAserver.org Discussion List]
        Asunto: [isalist] RE: ISA Ain't No Router
        
        
        
        http://www.ISAserver.org
        
        Hi Jim,
        
        
        
        Good one. Should have thought of that.
        
        
        
        Tom
        www.isaserver.org/shinder <http://www.isaserver.org/shinder>
        Tom and Deb Shinder's Configuring ISA Server 2004
        http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
        MVP -- ISA Firewalls
        
        
        
        
        
        ________________________________
        
        From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
        Sent: Sunday, January 09, 2005 11:46 AM
        To: [ISAserver.org Discussion List]
        Subject: [isalist] ISA Ain't No Router
        
        http://www.ISAserver.org
        
        ..couldn't remember if this had been posted to the list or
not...
        
        
        
        http://support.microsoft.com/?id=888042
        
        
        
        
          Jim Harrison
          MCP(NT4, W2K), A+, Network+, PCG
          http://isaserver.org/Jim_Harrison/
          http://isatools.org
          Read the help / books / articles!
        
        
        
        
        
        
        
        ------------------------------------------------------
        List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
        ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
        ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
        ------------------------------------------------------
        Other Internet Software Marketing Sites:
        World of Windows Networking: http://www.windowsnetworking.com
        Leading Network Software Directory: http://www.serverfiles.com
        No.1 Exchange Server Resource Site: http://www.msexchange.org
        Windows Security Resource Site: http://www.windowsecurity.com/
        Network Security Library: http://www.secinf.net/
        Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
        ------------------------------------------------------
        You are currently subscribed to this ISAserver.org Discussion
List as:
        tshinder@xxxxxxxxxxxxxxxxxx
        To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
        Report abuse to listadmin@xxxxxxxxxxxxx
        
        All mail to and from this domain is GFI-scanned.
        
        ------------------------------------------------------
        List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
        ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
        ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
        ------------------------------------------------------
        Other Internet Software Marketing Sites:
        World of Windows Networking: http://www.windowsnetworking.com
        Leading Network Software Directory: http://www.serverfiles.com
        No.1 Exchange Server Resource Site: http://www.msexchange.org
        Windows Security Resource Site: http://www.windowsecurity.com/
        Network Security Library: http://www.secinf.net/
        Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
        ------------------------------------------------------
        You are currently subscribed to this ISAserver.org Discussion
List as:
        gabriel@xxxxxxxxxx
        To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
        Report abuse to listadmin@xxxxxxxxxxxxx
        
        ------------------------------------------------------
        List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
        ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
        ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
        ------------------------------------------------------
        Other Internet Software Marketing Sites:
        World of Windows Networking: http://www.windowsnetworking.com
        Leading Network Software Directory: http://www.serverfiles.com
        No.1 Exchange Server Resource Site: http://www.msexchange.org
        Windows Security Resource Site: http://www.windowsecurity.com/
        Network Security Library: http://www.secinf.net/
        Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
        ------------------------------------------------------
        You are currently subscribed to this ISAserver.org Discussion
List as:
        jim@xxxxxxxxxxxx
        To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
        Report abuse to listadmin@xxxxxxxxxxxxx
        
        All mail to and from this domain is GFI-scanned.
        
        
        ------------------------------------------------------
        List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
        ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
        ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
        ------------------------------------------------------
        Other Internet Software Marketing Sites:
        World of Windows Networking: http://www.windowsnetworking.com
        Leading Network Software Directory: http://www.serverfiles.com
        No.1 Exchange Server Resource Site: http://www.msexchange.org
        Windows Security Resource Site: http://www.windowsecurity.com/
        Network Security Library: http://www.secinf.net/
        Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
        ------------------------------------------------------
        You are currently subscribed to this ISAserver.org Discussion
List as: tiago@xxxxxxxxxxxxxxx
        To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
        Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts: