RE: Setup of Tri-Homed DMZ

• From: "John Tolmachoff \(Lists\)" <johnlist@xxxxxxxxxxxxxxxxxxx>
• To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
• Date: Tue, 19 Aug 2003 07:06:22 -0700

The only thing that should be in the LAT is the internal private network.
Remove the Public IPs.

For the DMZ zone, you need to subnet your assigned public IP addresses.

Best thing I can recommend is to get the 2 books by Dr. Tom Shinder and read
the articles on ISAserver.org.

John Tolmachoff MCSE CSSA
Engineer/Consultant
eServices For You
www.eservicesforyou.com

> -----Original Message-----
> From: Pranesh.K [mailto:cmspanu@xxxxxxxxx]
> Sent: Tuesday, August 19, 2003 2:42 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Setup of Tri-Homed DMZ
> 
> http://www.ISAserver.org
> 
> 
> 1. We have configured a tri-homed ISA firewall as per the steps given in
> the Microsoft help and documentation. But we are not succeeded the same.
> ISA (std. edition)is installed on windows 2000 server with latest service
> pack. Pls go through the following  and advice me the solution for the
> same.
> 
>  One network adapter connected to the corporate network's internal
> clients.
>  The second network adapter connects to the corporate network's
> servers, which are located in the perimeter network.
>  The third network adapter connects to the Internet.
> 
>  Configured the LAT to include all the addresses on the corporate
> network. (internal: 192.168.1.1 and external address : 202.140.129.49)
>  Enabled packet filtering.
>  Enabled IP routing.
>  Created IP packet filters for the  mail servers in the perimeter
> network. Each IP packet filter should have the following parameters:
>  Filter type selected  -  custom (any Ip and both direction)
>  Local computer  IP address of the perimeter network server-
> 202.140.129.210/29
>  Remote computer should be Any Computer (or a specific computer,
> if access is limited to specific computers).
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> johnlist@xxxxxxxxxxxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » Setup of Tri-Homed DMZ
• » RE: Setup of Tri-Homed DMZ
• » RE: Setup of Tri-Homed DMZ
• » RE: Setup of Tri-Homed DMZ
• » RE: Setup of Tri-Homed DMZ
• » RE: Setup of Tri-Homed DMZ
• » RE: Setup of Tri-Homed DMZ

1. Home
2. isalist
3. Archive
4. 08-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---