RE: Linksys in front of ISA...

  • From: "Quillman Shawn (RBNA/CSA1) *" <Shawn.Quillman@xxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Fri, 8 Oct 2004 11:59:46 -0500

Nonono, internal interface of an ISA doesn't get a defgw.  External
interface gets a static IP (192.168.1.x), sm, defgw of the internal
interface of the linksys.

Here's the rundown:

External Linksys Interface:
PPPOE from DSL provider

Internal Linksys Interface:
192.168.1.1(configured by default)

External ISA Interface:
Static: 192.168.1.x
Sm: 255.255.255.0
Gw: 192.168.1.1

Internal ISA Interface:
Static: <some other subnet than 192.168.1.x>
Sm: whatever
Gw: none

-Shawn

-----
Shawn R. Quillman
Robert Bosch Corporation RBNA/CSA1
38000 Hills Tech Drive
Farmington Hills, MI 48331
(248) 553-1164 (P) (248) 848-6969 (F)
shawn.quillman@xxxxxxxxxxxx

-----Original Message-----
From: Marvin Cummings [mailto:MarvinC@xxxxxxxxx] 
Sent: Friday, October 08, 2004 12:50 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Linksys in front of ISA...

http://www.ISAserver.org

So your ISA server uses the IP of the DSL device as its gateway. I
don't have a gateway listed in the internal interface of the ISA
server. So I'll change that. What I'm confused on is how your external
interface is configured. Being that the external interface IP never
change, you must not be on a dynamic connection. Or am I missing
something here?

thnks


On Fri, 8 Oct 2004 11:34:07 -0500, Thomas W Shinder
<tshinder@xxxxxxxxxxx> wrote:
> http://www.ISAserver.org
> 
> Hi Marvin,
> 
> This is how I do it:
> 
> LAN--ISA firewall--DSL NAT device--Internet
> 
> ISA firewall has static addresses
> ISA firewall uses LAN address of DSL NAT device at its default gateway
> DSL NAT device handles dynamic public addressing and PPPoE
> 
> Everything work! I just forward all incoming traffic from the Internet
> to the ISA firewall's external interface.
> 
> I use TZO for my DDNS server for publishing. Since the ISA firealls
> external address never changes, everything always works.
> 
> HTH,
> 
> Tom
> www.isaserver.org/shinder
> Get the book!
> Tom and Deb Shinder's Configuring ISA Server 2004
> http://tinyurl.com/3xqb7
> MVP -- ISA Firewalls
> 
> 
> 
> 
> -----Original Message-----
> From: Marvin Cummings [mailto:MarvinC@xxxxxxxxx]
> Sent: Friday, October 08, 2004 11:26 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Linksys in front of ISA...
> 
> http://www.ISAserver.org
> 
> For some reason setting up ISA to use static IP addresses is easy. I
> set one up using SDSL with static IP's with a server setup similar to
> yours and didn't have a problem. It's the dynamic dsl connections that
> have given me fits.
> 
> On Fri, 8 Oct 2004 11:04:49 -0500, Jeff Sloan <jsloan@xxxxxxxxxxxx>
> wrote:
> > http://www.ISAserver.org
> >
> > I am about to have to change ISPs as well, and are going to DSL with
> 30
> > static IP.
> > Am I going to have to use a nat device in front of the ISA (2000) as
> > well?
> > Or will the static IP fix that problem?
> > I have my web sites, terminal servers, et all published through ISA
> and
> > don't want an extra device screwing all that up.
> > Thanks
> >
> > Jeff Sloan
> > Network Administrator
> > Cross Oil Refining & Marketing, Inc.
> > 484 E. 6th St.
> > Smackover, AR 71762
> >
> > -----Original Message-----
> > From: Aman Bedi [mailto:gurkirpal.bedi@xxxxxxxxxxx]
> > Sent: Friday, October 08, 2004 11:01 AM
> > To: ISALists
> > Subject: [isalist] RE: Linksys in front of ISA...
> >
> > http://www.ISAserver.org
> >
> > "The only way I seem to be able to get to the Internet is if I put
my
> > linksys in front of the ISA server and configure the external NIC to
> use
> > the IP of the linksys as its gateway."
> >
> > Isn't this how it should be .
> >
> > I have a Netopia DSL router in front of ISA .. and works fine .
> > The router has one public for its interface. All other public ips
are
> > configured on external interface of ISA and configured for
publishing
> .
> >
> > Scanbuy Inc
> > Aman Bedi | Systems/Network Administrator
> >
>
------------------------------------------------------------------------
> > ----
> > -------------------------------------
> >
> > -----Original Message-----
> > From: Marvin Cummings [mailto:MarvinC@xxxxxxxxx]
> > Sent: Friday, October 08, 2004 11:47 AM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] Linksys in front of ISA...
> >
> > http://www.ISAserver.org
> >
> > Double-post.
> > Need some help getting ISA to work on a DSL connection. The only way
I
> > seem to be able to get to the Internet is if I put my linksys in
front
> > of the ISA server and configure the external NIC to use the IP of
the
> > linksys as its gateway. I also had to provide it with a static
> internal
> > IP. I'm thinking this will come back to haunt me once I begin
> publishing
> > servers and services. I've read the articles on configuring DSL, the
> > network interfaces, and ISA to support PPOE and have tried
everything
> > with no success. If I don't use the linksys I'm not able to access
the
> > Internet on any of my secureNAT clients. I seem to recall there
being
> > some talk on this subject and wonder if anyone can advise on the
pros
> > and cons of this type of setup, one that uses a linksys in front of
> the
> > firewall. I'm thinking I'd be better of going with a hardware
> solutions
> > or a linux firewall solution. Any responses are appreciated.
> >
> > TIA
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Other Internet Software Marketing Sites:
> > World of Windows Networking: http://www.windowsnetworking.com
> > Leading Network Software Directory: http://www.serverfiles.com
> > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > Windows Security Resource Site: http://www.windowsecurity.com/
> > Network Security Library: http://www.secinf.net/
> > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List
as:
> marvinc@xxxxxxxxx
> > To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> 
> 
> tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
marvinc@xxxxxxxxx
> To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
shawn.quillman@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 10-2004