RE: Configure ISA 2004 as a Network Services Segment Perimeter Firewall
- From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 8 Aug 2005 15:23:30 -0700
Add: I like playing with non-std deployments.
-------------------------------------------------------
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org
Read the help / books / articles!
-------------------------------------------------------
-----Original Message-----
From: Troy Radtke [mailto:TRadtke@xxxxxxxxxxxx]
Sent: Monday, August 08, 2005 14:55
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Configure ISA 2004 as a Network Services Segment
Perimeter Firewall
http://www.ISAserver.org
Don't have 2 PCI slots?
-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Monday, August 08, 2005 4:43 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Configure ISA 2004 as a Network Services Segment
Perimeter Firewall
http://www.ISAserver.org
I used 1q-VLANs for two reasons:
1 - I can't fit 8 NICs in my machine, even using multiport devices.
2 - I'm not concerned with VLAN-hopping in my lab
As always, "better" is relative...
-------------------------------------------------------
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org
Read the help / books / articles!
-------------------------------------------------------
-----Original Message-----
From: Ball, Dan [mailto:DBall@xxxxxxxxxxx]
Sent: Monday, August 08, 2005 10:10
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Configure ISA 2004 as a Network Services Segment
Perimeter Firewall
http://www.ISAserver.org
Did you set them up via VLAN due to having only 2 NICs or is that a
preferred way to do it? I've several discussions with people on the
VLAN strategy, but haven't really come to a consensus as to which way
was the "better" method.
-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Monday, August 08, 2005 11:18 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Configure ISA 2004 as a Network Services Segment
Perimeter Firewall
http://www.ISAserver.org
Ha!
:-)
Not quite - still only one "way out"...
-------------------------------------------------------
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org
Read the help / books / articles!
-------------------------------------------------------
-----Original Message-----
From: Ball, Dan [mailto:DBall@xxxxxxxxxxx]
Sent: Monday, August 08, 2005 04:41
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Configure ISA 2004 as a Network Services Segment
Perimeter Firewall
http://www.ISAserver.org
Geesh, now yours is starting to look like mine!
-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Sunday, August 07, 2005 9:47 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Configure ISA 2004 as a Network Services Segment
Perimeter Firewall
http://www.ISAserver.org
Hi Tom,
Nice stuff, bro. Wanna see a screenshot of a "peripiheral network from
h377" - IOW, my lab ISA? http://isatools.org/isasefw.scrn.PNG
The 11 NICs in the systray represent two physical interfaces using
802.1q VLANS to serve 1 "external" network, 1 "Internal" and 8
"perimeter" nets (the remaining NIC is the single "internal" card that's
divvied up into the subnets).
4 benches, 8 racks and each one of them lives in a separate network, all
separated by ISA.
RRAS DHCP Relay (and a proper configuration) allows a single DHCP server
to handle all subnets.
As it turns out, this is getting to be a very popular deployment for ISA
- the "Branch offices that chain to a Home office array or server".
Maybe we should add this, too..?
-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
Sent: Tuesday, August 02, 2005 6:27 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Configure ISA 2004 as a Network Services Segment
Perimeter Firewall
http://www.ISAserver.org
Hey folks,
Let me know if this clear up any issues, or makes them more cloudy and
what doesn't make any sense. Final version, and complete series with
step by steps, will go on the ISAServer.org site later this month.
Configure ISA 2004 as a Network Services Segment Perimeter Firewall:
http://www.msfirewall.org/isa2004/2004servicesfirewallpart1/2004services
firewallpart1.htm
Thanks!
Tom
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
dball@xxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
dball@xxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tradtke@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
Other related posts:
