Perfectly valid (if a bit weak) for Cache mode. If all they want ISA for is web caching, they're not interested hearing the benefit of its security features. You may have a long row to hoe, but patience will out for you; keep beating on them. Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://www.microsoft.com/isaserver http://isaserver.org/Jim_Harrison http://isatools.org Read the help, books and articles! ----- Original Message ----- From: "Jim" <nre@xxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Wednesday, July 14, 2004 11:49 Subject: [isalist] ISA - Two NICs connected to one physical network http://www.ISAserver.org I've recently inherited a network and am having trouble convincing some of the old timers that the design may be less than optimal. Scenario - ISA Server sandwiched between Router and hardware firewall. ISA Server currently configured for Web Proxy only. Router configured with two IP subnets on single ethernet interface; primary and secondary. ISA NICs configured with IPs matching the primary and secondary subnets of routers interface. Both ISA Server NICs plugged into the same physical LAN connection (switch with no VLAN segmentation). Granted there is a hardware firewall in front of the ISA Server and Router but it seems to make more sense to have physical LAN separation between the two ISA NIC interfaces instead of only logical IP separation. It seems to be working but, are there any valid arguments against this particular scenario? Or, is this a valid configuration for using the ISA Server for Web proxy services only? Any valid arguments one way or another will be appreciated. Thank you. Jim ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist