RE: how to manage using ISA behind a leased line

ISA must also have a route to site B.  You enable this by adding site B's
subnet to the ISA routing table.
If you have RRAS installed, enter it there.
If no RRAS on the ISA, use the "route -p add <subnet> mask <netmask>
<gateway>" command.
In your case, the command would be "route -p add 192.168.1.0 mask
255.255.255.0 192.168.2.1"

Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/authors/harrison/
Read the book!

----- Original Message -----
From: "Gerard Dumazet" <gdumazet@xxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Wednesday, January 02, 2002 03:09
Subject: [isalist] RE: how to manage using ISA behind a leased line


http://www.ISAserver.org



This is a multi-part message in MIME format.



----------------------------------------------------------------------------
----


sorry for my english. i read carefully your reply and just realised my
question was not clear

i have only one ISA in site A - no exchange server
2 subnets and one domain with a pdc in site B and a bdc in site A

site A 192.168.2.0 bdc2000 + ISA internal NIC 192.168.2.0
gateway : none
external NIC
192.168.3.2 gateway 192.168.3.1 adsl router

in site A all clients securenat clients internet fine smtp/pop
fine for outlook express
all clients can share with site B having settled static and permanent routes
to site B having 192.168.2.1 as gateway

site B 192.168.1.0 pdc2000 AD NIC 192.168.1.2

no ISA, no EXCHANGE

how to configure any client of site B to be able to be a securenat client
for iSA on site A

and

to access shared ressources in site A

pointing the default gateway on site B's router doen not help






-----Message d'origine-----
De : Gallop, George [mailto:George.Gallop@xxxxxxxxxx]
Envoye : mardi 1 janvier 2002 23:27
A : [ISAserver.org Discussion List]
Objet : [isalist] RE: how to manage using ISA behind a leased line


http://www.ISAserver.org


Happy New Year.

I am struggling with understanding your English, sorry.

I am no guru, but possibly if I explain what I understood of the problem
we can try and all help?  I have a suggested solution below, so if
anyone wants to comment further...

Site A: 192.168.2.x
Site B: 192.168.1.x

Both Sites connect through a leased line:
Router is 192.168.2.1 for site A
and 192.168.1.1 Site B

DC / possibly Exchange Server in each site and also ISA Server (?):

Site A 192.168.2.2
Site B 192.168.1.2 (?)


I think for clients to access the DC's in each site, you need to do the
following:

1. Set the Default gateway on the secure NAT clients to the ISA server
in the site.
2. On the ISA Server in each site set a static route something like
(depending on your subnet mask):

Site B's ISA Server:
route add -p 192.168.2.0 mask 255.255.255.0 192.168.1.1 metric

Site A's ISA Server:
route add -p 192.168.1.0 mask 255.255.255.0 192.168.2.1 metric

3. In the LAT for the ISA Server ensure the remote network 192.168.x.x
is there.

Lastly, I am not sure but would the clients using SNAT also need a
static route to the remote network, anyone?

Kind regards, George


-----Original Message-----
From: dumazet [mailto:gdumazet@xxxxxxxxxxx]
Sent: Wednesday, 2 January 2002 4:39 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] how to manage using ISA behind a leased line

http://www.ISAserver.org


fist of all happy new year to everyone especially to those who are
managing this helpful list

i already asked one week ago such a question but did'nt succeeded to
have
the right answer, so i formulate again my problem

it is a small company with 6 boxes center of paris (site A 192.168.2.0)
and another office with 10 boxes (site B 192.168.1.0)

both offices are connected through a leased line with cisco routers 800
having adresses 192.168.2.1 for site A and 192.168.1.1 for site B

a win 2K cpd with ad is in site B and another in site A 192.168.2.2

each box in each site has to connect to shared applications ou folders
in
one or the other site. until now everything was working fine

to give access for users to internet and be able to use outlook express
for internet mail we just installed ISA on the csd of site A :
192.168.2.2
waiting for better time to use another independant server
we are using a bewan router on adsl line ok

everything working fine for site A with securenat clients (http, smtp,
pop3)even able to use shared folders on site B using add -p routes to
site
B

but we dont't know what to do for site B

on the internal NIC of ISA 192.168.2.2 we can't include a gateway on the
router of site A 192.168.2.1 , accordingly the boxes of site B can't
connect to the shared folders or applis running on ISA box.

all boxes of site B have the router of site B as gateway 192.168.1.1 but
this does not help to be securenat clients for ISA on site A

applis don't work anymore and internet is useless

i am sure for most of you this routing problem should be quite easy to
solve and i just see on message also on this list nearby mine but noone
gave idea and this is why i ask again

thanks for any idea


------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
george.gallop@xxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
gdumazet@xxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')



----------------------------------------------------------------------------
----


------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')




Other related posts: