How to use static ports for special internal request between chained ISA servers

  • From: "Roger J�nsson" <roger.jonsson@xxxxxx>
  • To: isalist@xxxxxxxxxxxxx
  • Date: Fri, 22 Mar 2002 05:53:55 -0700

A very strange problem has landed on MY desk...
Scenario:
Two domains, one Win 2000 AD and one NT, no trusts.
1.) They use a hardware firewall to secure from internet.
2.) They have two DNS roundrobin ISA servers, array maybe.
3.) Behind all this they have another hardware firewall, in another NT
domain.
4.) In this domain they have installed another ISA server which routes all
traffic to the upstream DNS roundrobin ISA servers.

Problem:
In this inner NT domain I have to install an application which uses a
high number port request to an Internet resource. This is not possible
because the inner firewall does not let the traffic through. I guess that the
traffic between the downstream and the upstream ISA servers goes on some
dynamic high ports. Another problem is that I need to know which source
address I have on my request on the Internet resource.

Solution?
1.) Make a VPN tunnel between one DNS roundrobin ISA server and the
internal ISA server, but how do I let all other traffic except on that high
number port run outside this tunnel? This means that I have to reconfigure
two ISA machines.

2.) Is it possible to configure my internal ISA server to redirect to a
static port on a static ISA server (no DNS roundrobin)?

3.) ????

Please HELP me, I need any ideas... And don't ask me why they have done this
type of arrangement.

Roger

