[isapros] Re: [ISAServer] Nat infrastructure in ISA !
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: <isapros@xxxxxxxxxxxxx>, <Pmathon@xxxxxxxxxxxxxx>
- Date: Fri, 28 Jul 2006 07:33:49 -0500
Pretty silly, isn't it? The customer is not what I would call a "smart"
customer?
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
MVP -- ISA Firewalls
________________________________
From: Philippe MATHON [mailto:Pmathon@xxxxxxxxxxxxxx]
Sent: Friday, July 28, 2006 7:33 AM
To: isaserver@xxxxxxxxxxxxxxx
Subject: RE: [ISAServer] Nat infrastructure in ISA !
Because of the client politic ! To install a software, it can make many
month to qualify it in it organisation ... Big client so political decision !
________________________________
De : Ori Yosefi [mailto:oriy@xxxxxxxxxxxxx]
Envoyé : vendredi 28 juillet 2006 14:08
À : isaserver@xxxxxxxxxxxxxxx
Objet : RE: [ISAServer] Nat infrastructure in ISA !
Hi Philippe,
ISA decides whether to NAT or route traffic based on the network rules
(i.e. based on source IP, not per protocol).
One question - why did you say that there is no way to install the
firewall client on windows XP client? The firewall client supports this OS.
Hope this helps,
Ori.
________________________________
From: Philippe MATHON [mailto:Pmathon@xxxxxxxxxxxxxx]
Sent: Friday, July 28, 2006 11:50 AM
To: isaserver@xxxxxxxxxxxxxxx
Subject: [ISAServer] Nat infrastructure in ISA !
Hi,
I found an ISA limitation for one of my big client.
This client use two kind of firewall (fortigate and Cisco Pix).
This client use ISA 2000 in proxy mode on a DMZ. I'm helping this
client to migrate ISA 2000 to ISA 2004 or 2006, to manage some protocol like
rtsp, rdp and so on.
No way to install firewall client on the windows xp client !
So It would be interesting, like in checkpoint or cisco environnement,
to tell ISA to NAT some kind of traffic. For exemple, my need will be to don't
translate traffic to external (because there are multiple nat gateway beside
ISA), but NAT for rtsp traffic.
Unfortunately, ISA allow to NAT from source to destination but not from
source to destination for a special protocol !
May be in ISA 2007 !
ENI Service
Philippe MATHON
Responsable Technique Système - Réseau - Sécurité
7, Bis Avenue Jacques Cartier
44800 St HERBLAIN
pmathon@xxxxxxxxxxxxxx
www.eni-service.fr <http://www.eni-service.fr>
tel:
fax:
02-40-92-45-50
02-40-92-45-51
---
To subscribe to the list - send an email to list@xxxxxxxxxxxxxxx
In the subject line put in JOIN isaserver@xxxxxxxxxxxxxxx,
youremailaddress
To leave the list - send an email to list@xxxxxxxxxxxxxxx
In the subject line put in LEAVE isaserver@xxxxxxxxxxxxxxx,
youremailaddress
Don't forget the comma!
---
To subscribe to the list - send an email to list@xxxxxxxxxxxxxxx
In the subject line put in JOIN isaserver@xxxxxxxxxxxxxxx,
youremailaddress
To leave the list - send an email to list@xxxxxxxxxxxxxxx
In the subject line put in LEAVE isaserver@xxxxxxxxxxxxxxx,
youremailaddress
Don't forget the comma!
---
To subscribe to the list - send an email to list@xxxxxxxxxxxxxxx
In the subject line put in JOIN isaserver@xxxxxxxxxxxxxxx,
youremailaddress
To leave the list - send an email to list@xxxxxxxxxxxxxxx
In the subject line put in LEAVE isaserver@xxxxxxxxxxxxxxx,
youremailaddress
Don't forget the comma!
Other related posts:
