Hi Marvin, OK, got it. But you're not using a public address DMZ. Tom www.isaserver.org/shinder Tom and Deb Shinder's Configuring ISA Server 2004 http://tinyurl.com/3xqb7 MVP -- ISA Firewalls > -----Original Message----- > From: MarvinC [mailto:marvinc@xxxxxxxxx] > Sent: Thursday, June 23, 2005 12:09 AM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: Upstream router and DMZ > configuration...confused~~!! > > http://www.ISAserver.org > > Page 592 and 593 discuss the public address DMZ segment and it has an > IP listed on this interface in both the route and NAT relationships. > > On 6/23/05, Thomas W Shinder <tshinder@xxxxxxxxxxx> wrote: > > http://www.ISAserver.org > > > > Hi Martin, > > > > There's nothing in the config you show here that would > require a static > > route. Can you point me to the page number in question and > I'll try to > > clarify. > > > > Also, why do you have a DNS server address on the DMZ interface? > > > > Thanks! > > > > Tom > > www.isaserver.org/shinder > > Tom and Deb Shinder's Configuring ISA Server 2004 > > http://tinyurl.com/3xqb7 > > MVP -- ISA Firewalls > > > > > > > > > -----Original Message----- > > > From: MarvinC [mailto:marvinc@xxxxxxxxx] > > > Sent: Wednesday, June 22, 2005 11:51 PM > > > To: [ISAserver.org Discussion List] > > > Subject: [isalist] Upstream router and DMZ > > > configuration...confused~~!! > > > > > > http://www.ISAserver.org > > > > > > I've asked this question before but it was under different > > > circumstances so I need to try again for further clarification. > > > This may seem like a "dumb question" but it's one I have to ask so > > > please accept my apologizes in advance if anyone's bothered by it. > > > I have the Configuring ISA 2004 book and I'm reading an article in > > > Chapter 7 entitled "Creating and configuring a public address > > > tri-homed DMZ Network". I have on my ISA2K box three (3) network > > > adapters with the following settings in the following order: > > > > > > Internal: > > > IP: 10.0.0.x > > > Subnet: 255.0.0.x > > > GW: > > > DNS: IP of internal DNS server. > > > > > > DMZ: > > > IP: 172.16.0.x > > > Subnet: 255.0.0.x > > > GW: 172.16.0.1 > > > DNS: 172.16.0.1 > > > > > > External: ISP Static IP > > > IP: 70.148.240.122 > > > Subnet: 255.255.255.248 > > > GW: 70.148.122.121 > > > > > > There is mention in the book on creating static routes to > the upstream > > > router to ensure communication between the networks. I'm > not sure what > > > the upstream router is and need clarification. Is this a > seperate unit > > > functioning as a router or is this the ISA server? Where > do I enter > > > this command and is this the correct syntax for the command: > > > > > > router add 172.16.0.0 add 172.16.0.0 0 mask 255.255.0.0 > 192.168.1.20 > > > > > > Would anyone have any links or articles that cover static > routes as > > > they relate to ISA2K4? I'm also trying to determine if > the external > > > interface consititutes as a public address? > > > ANY responses are greatly appreciated. ANY!!! > > > > > > ------------------------------------------------------ > > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > ISA Server Newsletter: > http://www.isaserver.org/pages/newsletter.asp > > > ISA Server FAQ: > http://www.isaserver.org/pages/larticle.asp?type=FAQ > > > ------------------------------------------------------ > > > Other Internet Software Marketing Sites: > > > World of Windows Networking: http://www.windowsnetworking.com > > > Leading Network Software Directory: http://www.serverfiles.com > > > No.1 Exchange Server Resource Site: http://www.msexchange.org > > > Windows Security Resource Site: http://www.windowsecurity.com/ > > > Network Security Library: http://www.secinf.net/ > > > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > > > ------------------------------------------------------ > > > You are currently subscribed to this ISAserver.org Discussion > > > List as: tshinder@xxxxxxxxxxxxxxxxxx > > > To unsubscribe visit > > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > > > > > ------------------------------------------------------ > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > > ------------------------------------------------------ > > Other Internet Software Marketing Sites: > > World of Windows Networking: http://www.windowsnetworking.com > > Leading Network Software Directory: http://www.serverfiles.com > > No.1 Exchange Server Resource Site: http://www.msexchange.org > > Windows Security Resource Site: http://www.windowsecurity.com/ > > Network Security Library: http://www.secinf.net/ > > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org > Discussion List as: marvinc@xxxxxxxxx > > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > World of Windows Networking: http://www.windowsnetworking.com > Leading Network Software Directory: http://www.serverfiles.com > No.1 Exchange Server Resource Site: http://www.msexchange.org > Windows Security Resource Site: http://www.windowsecurity.com/ > Network Security Library: http://www.secinf.net/ > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion > List as: tshinder@xxxxxxxxxxxxxxxxxx > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > >