Re: LATDMZ

• From: "Jun" <jun@xxxxxxxxxxxxx>
• To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
• Date: Fri, 7 Mar 2003 11:00:56 -0500

Hi, Jeffrey:
 
Like Tom said, it should work. I have similiar network enviroment as yours, 
tri-homed with DMZ, etc. Make sure the
routing table is configured correct in you ISA.
 
 
Best regards,
John Huang

-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] 
Sent: Friday, March 07, 2003 10:48 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: LATDMZ


http://www.ISAserver.org


Hi Jeffrey,
 
It should work. RRAS is aware of all directly attached networks, LAN routing is 
enabled and the ISA Server has IP
Routing enabled. Packets should flow nicely from network to network. Make sure 
the clients on the LATDMZ are using the
correct default gateway.
 
HTH,
Tom

Thomas W Shinder 
www.isaserver.org/shinder 
ISA Server and Beyond: http://tinyurl.com/1jq1 
Configuring ISA Server: http://tinyurl.com/1llp 

-----Original Message-----
From: Zhangjb2 [mailto:zhangjb2@xxxxxxxxxxx] 
Sent: Friday, March 07, 2003 9:40 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: LATDMZ


http://www.ISAserver.org


Hi Tom,
 
Thanks. Actually this ISA server is also a VPN server, RRAS and LAN routing is 
enabled. I can find the 4 packet filters
for L2TP and PPTP and in RRAS IP Routing\General, I saw the 3 dedicated 
interfaces (LAN, DMZ and Internet).
 
best regards
Jeffrey

----- Original Message ----- 
From: Thomas W Shinder <mailto:tshinder@xxxxxxxxxxxxxxxxxx>  
To: [ISAserver.org Discussion List] <mailto:isalist@xxxxxxxxxxxxx>  
Sent: Friday, March 07, 2003 10:23 AM
Subject: [isalist] Re: LATDMZ

http://www.ISAserver.org


Hi Jeffrey,
 
Hmmm. I was hoping you would have said something else. OK, enable RRAS and LAN 
routing. Best way to do this is to run
the VPN Server Wizard from the ISA Management console. If you don't want to 
allow inbound VPN connections, just disable
the packet filters the Wizard creates.
 
HTH,
Tom

Thomas W Shinder 
www.isaserver.org/shinder 
ISA Server and Beyond: http://tinyurl.com/1jq1 
Configuring ISA Server: http://tinyurl.com/1llp 

-----Original Message-----
From: Zhangjb2 [mailto:zhangjb2@xxxxxxxxxxx] 
Sent: Friday, March 07, 2003 9:21 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: LATDMZ


http://www.ISAserver.org


clients' default gateway is internal network card IP address on ISA server.
Jeffrey

----- Original Message ----- 
From: Thomas W Shinder <mailto:tshinder@xxxxxxxxxxxxxxxxxx>  
To: [ISAserver.org Discussion  <mailto:isalist@xxxxxxxxxxxxx> List] 
Sent: Friday, March 07, 2003 10:03 AM
Subject: [isalist] Re: LATDMZ

http://www.ISAserver.org


Hi Jeffrey,
 
How to the clients know the route to remote networks?
 
(HINT)
 
HTH,
Tom

Thomas W Shinder 
www.isaserver.org/shinder 
ISA Server and Beyond: http://tinyurl.com/1jq1 
Configuring ISA Server: http://tinyurl.com/1llp 

-----Original Message-----
From: Jeffrey Zhang [mailto:zhangjb2@xxxxxxxxxxx] 
Sent: Thursday, March 06, 2003 10:48 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: LATDMZ


http://www.ISAserver.org


Hi Tom,
 
Yes, you got the right network structure, a tri-homed ISA server, two different 
subnets for internal and DMZ, an
external network to internet, web server and FTP server is in DMZ.
 
I'd like to let clients in internal network to access web and FTP server in 
DMZ, and external clients can also access
them.
 
I read your chapter 4 and understand 3 methods to control the traffic between 
internal network and LATDMZ, but my
problem is before the first step, you describe that if I connect two subnets to 
ISA and enable the IP Routing, they can
communicate each other. I did but I can not access DMZ from internal net. 
 
Where do I need to check?
 
thanks 
Jeffrey

 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub') 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
jun@xxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub') 

Other related posts:

• » LATDMZ
• » Re: LATDMZ
• » RE: LATDMZ
• » Re: LATDMZ
• » Re: LATDMZ
• » RE: LATDMZ
• » Re: LATDMZ
• » Re: LATDMZ
• » Re: LATDMZ
• » Re: LATDMZ
• » Re: LATDMZ
• » Re: LATDMZ
• » Re: LATDMZ
• » Re: LATDMZ
• » Re: LATDMZ
• » Re: LATDMZ

1. Home
2. isalist
3. Archive
4. 03-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---