[isalist] adding a second internal network

• From: "Paul Laudenslager" <paul@xxxxxxxxxxxxxxxx>
• To: <isalist@xxxxxxxxxxxxx>
• Date: Sat, 23 Feb 2008 14:33:19 -0500

http://www.ISAserver.org
-------------------------------------------------------
  
Hi Everyone,

This ought to be simple for you gurus... It seems the more I learn, the more
I realize how much I don't know. :)

Current configuration

        ISA2K6
        (1) NIC for External Network
        (1) Internal Network    IP: 172.16.88.x - 172.16.91.x  Mask:
255.255.252.0

I created all the rules and everything is working great for the Internal
Network at this point. (web, smtp, dns, etc)

I was then tasked to add another, yet separate network.  IP: 192.168.0.x
Mask: 255.255.255.0

Added another NIC, assigned it the 192.168.0.1 address.  I can ping the
network fine from ISA.

I went into ISA and added another network called "IntraNet".  I created the
access rules for this new network the same way I created them for the
Internal Network above.

However, I can't get the traffic coming from the IntraNet clients to get out
of their own network.

For example, I'm trying to do a NSLOOKUP from an IntraNet server and
receive...

        Client IP: 192.168.0.5
        Destination IP: 12.127.16.67
        Destination Port: 53
        Protocol: DNS
        Action: Denied Connection
        Result Code: 0xc0040012 FWX_E_NETWORK_RULES_DENIED
        Source Network: IntraNet
        Destination Network: External
        
My first impression is that it's a routing issue and that I would need to
create add a 'route' command to this machine.

However, since it is currently a production server, I thought I'd ask before
I made any modifications.

Thanks in advance for your time and comments.

-Paul L.


------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/  
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp 
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ 
ISA Server Blogs: http://blogs.isaserver.org/ 
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com 
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp 
Report abuse to listadmin@xxxxxxxxxxxxx 

• Follow-Ups:
  • [isalist] Re: adding a second internal network
    • From: Jim Harrison
  • [isalist] Re: adding a second internal network
    • From: Thor (Hammer of God)

• References:
  • [isalist] Re: Error 502 in browsed site
    • From: Thomas W Shinder

Other related posts:

• » [isalist] adding a second internal network
• » [isalist] Re: adding a second internal network
• » [isalist] Re: adding a second internal network
• » [isalist] Re: adding a second internal network
• » [isalist] Re: adding a second internal network
• » [isalist] Re: adding a second internal network
• » [isalist] Re: adding a second internal network
• » [isalist] Re: adding a second internal network
• » [isalist] Re: adding a second internal network
• » [isalist] Re: adding a second internal network
• » [isalist] Re: adding a second internal network

1. Home
2. isalist
3. Archive
4. 02-2008

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---