[isapros] Re: [ISAServer] Nat infrastructure in ISA !
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: <isapros@xxxxxxxxxxxxx>, <Pmathon@xxxxxxxxxxxxxx>
- Date: Fri, 28 Jul 2006 07:16:27 -0500
Hi Philippe,
Yes, the ISA firewall isn't a good router like PIX. But it is a better firewall.
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
MVP -- ISA Firewalls
________________________________
From: Philippe MATHON [mailto:Pmathon@xxxxxxxxxxxxxx]
Sent: Friday, July 28, 2006 3:50 AM
To: isaserver@xxxxxxxxxxxxxxx
Subject: [ISAServer] Nat infrastructure in ISA !
Hi,
I found an ISA limitation for one of my big client.
This client use two kind of firewall (fortigate and Cisco Pix).
This client use ISA 2000 in proxy mode on a DMZ. I'm helping this
client to migrate ISA 2000 to ISA 2004 or 2006, to manage some protocol like
rtsp, rdp and so on.
No way to install firewall client on the windows xp client !
So It would be interesting, like in checkpoint or cisco environnement,
to tell ISA to NAT some kind of traffic. For exemple, my need will be to don't
translate traffic to external (because there are multiple nat gateway beside
ISA), but NAT for rtsp traffic.
Unfortunately, ISA allow to NAT from source to destination but not from
source to destination for a special protocol !
May be in ISA 2007 !
ENI Service
Philippe MATHON
Responsable Technique Système - Réseau - Sécurité
7, Bis Avenue Jacques Cartier
44800 St HERBLAIN
pmathon@xxxxxxxxxxxxxx
www.eni-service.fr <http://www.eni-service.fr>
tel:
fax:
02-40-92-45-50
02-40-92-45-51
---
To subscribe to the list - send an email to list@xxxxxxxxxxxxxxx
In the subject line put in JOIN isaserver@xxxxxxxxxxxxxxx,
youremailaddress
To leave the list - send an email to list@xxxxxxxxxxxxxxx
In the subject line put in LEAVE isaserver@xxxxxxxxxxxxxxx,
youremailaddress
Don't forget the comma!
Other related posts:
