RE : VPN in DMZ help
- From: Gérard Dumazet <gdumazet@xxxxxxxxxxx>
- To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
- Date: Wed, 30 Oct 2002 13:39:34 +0100
I am quite interested to; if anyone of you has a solution please let us
know what to do!
In my case we have BEWAN 6104 routers connecting different LAN to LAN
with VPN tunnels on ADSL lines working well between agencies without
firewall.
We have now to find a way to connect our distant LAN clients to
resources on our main office which is behind ISA
Configuration is:
LAN 192.168.x.0
VPN Tunnel
192.168.1.0 (dmz)
ISA
192.168.y.0
I have some experience of gateway to gateway between two ISA but in my
case as in the case of Friese, the VPN tunnel ends before ISA. Do you
think that adding routes on the adsl router will not solve the problem ?
Lets say that to reach 192.168.y.0 any packet entering the dmz should be
routed to the external NIC of ISA ?
-----Message d'origine-----
De : Friese, Casey [mailto:cfriese@xxxxxxxxxxxxx]
Envoyé : mardi 29 octobre 2002 19:08
À : [ISAserver.org Discussion List]
Objet : [isalist] VPN in DMZ help
http://www.ISAserver.org
Remote office location using Linksys EtherFast Cable/DSL VPN Router
Local office location using MS ISA as firewall/proxy for internal
clients.
ISA is configured tri-homed with external, internal and dmz.
I have a second Linksys EtherFast Cable/DSL VPN router sitting on the
dmz coming from the ISA.
I want the remote office Linksys and the local office Linksys to
establish an Ipsec tunnel through the ISA server. Traffic then is to
pass from the remote office clients to the local office clients on the
internal network.
Linksys in remote office is configured with a public WAN IP and internal
IP of the network behind it, obviously.
Linksys in local office is configured with it's WAN IP as a DMZ adress
and an internal IP of the internal network.
How do I configure the ISA to pass the Ipsec tunnel traffic through to
the Linksys on either end - depending on where the connection is
originating from?
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
gdumazet@xxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
___________________________________________________________________
Haut Débit: Modem offert soit 150,92 euros remboursés sur le Pack
eXtense de Wanadoo !
Profitez du Haut Débit à partir de 30 euros/mois :
http://www.ifrance.com/_reloc/w
__________________________________________________________________
Haut Débit: Modem offert soit 150,92 euros remboursés sur le Pack eXtense de
Wanadoo !
Profitez du Haut Débit à partir de 30 euros/mois :
http://www.ifrance.com/_reloc/w
Other related posts: