RE: SSL Problems with ISA 2004
- From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Fri, 21 Jan 2005 17:17:46 -0800
I'll stipulate that you've defined it as an "external" network, but I'll
also bet that this is a misconfiguration that just "happens to work".
If you're willing, you can send me your ISAInfo privately and one of two
things will result:
1 - your configuration will spawn a KB or whitepaper (basically a WAN)
2 - I'll respond with corrective steps
This "dual ISP" distinction is important.
What you describe is nothing more than a "special routing arrangment",
NOT "dual ISP connections".
No argument that you've managed to create an efficient network this way,
but it's not what the community at large understands as "two ISP
connections".
-----Original Message-----
From: Ball, Dan [mailto:DBall@xxxxxxxxxxx]
Sent: Friday, January 21, 2005 16:09
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: SSL Problems with ISA 2004
http://www.ISAserver.org
That is true, it doesn't do "true" load balancing, but you can split
traffic between different networks. For example, I have traffic bound
for the local University routed through one network because they also
use that same provider, it beats routing the traffic halfway across the
US to go across town. If one network goes down, I can then make the
change to route all traffic through the other one. So, while it doesn't
do true load balancing and fail-over, it'll suffice for what I need.
(Although, now that I think about it more, I could probably put routes
with higher metrics in to provide fail-over...Hmmmm) As for a "default
NIC", that is true with any router, if you don't specifically route it
an address, it will take the "default" route.
I tried to do this with ISA2000, but after many hours of working on it I
finally had to agree with the manuals and MS Knowledge Base that it
truly only supported ONE External NIC regardless of how many you put in
there. The 2004 version was a great thing for us because it would
support so many networks. Once I got it in place, I was able to get
right of several routers and switches, and even one extra server.
So, while I'll agree with you that ISA 2004 doesn't do "everything" that
everyone would want, I will not agree that it only supports one ISP, as
I know better, and have working proof of that.
-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Friday, January 21, 2005 17:49
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: SSL Problems with ISA 2004
http://www.ISAserver.org
This is true of obth products.
Ues, you can have as many physical interfaces as you want, but only one
"default NIC" where the default gateway lives.
You will not achieve any sort of failover or load balancing with your
installation.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
Other related posts:
