[isalist] Re: ISA 2004 SP2 two ISP's; not load balancing or HA, just another connection
- From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Fri, 24 Mar 2006 12:55:06 -0800
What is not supported is multiple ISP connections to the Internet.
As your other brother Dan has been so happy to point out, what is "external" is
very interpretable.
If you have a point-to-point WAN, then this is a "Perimeter"; not an "External"
network.
________________________________
From: isalist-bounce@xxxxxxxxxxxxx on behalf of Danny
Sent: Fri 3/24/2006 11:52 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] ISA 2004 SP2 two ISP's; not load balancing or HA, just
another connection
http://www.ISAserver.org
-------------------------------------------------------
I have read this:
"Network and Routing Issues
This section describes network and routing issues and solutions.
ISA Server Does Not Support Multiple External Interfaces
Problem: ISA Server does not support multiple external connections to
the Internet.
Cause: ISA Server does not support configuring multiple connections on
the External network adapter.
Solution: No workaround. There are a number of third-party products
that may provide a solution. For more information, see High
Availability and Load Balancing at the Windows Server System Web
site."
http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/unsupportedconfigs.mspx
But, I am not convinced that I am SOL.
Current configuration:
Cisco 26xx router
|
Public IP
|
IPCop Firewall (necessary to maintain IPSec connectivity to newly
acquired sites with IPCop firewalls)
|
Three NICS - 1) Internal 2) DMZ to ISA Ext NIC 3) Internet
|
NIC #2 to ISA 2004 server Ext NIC
Right now, the IPCop box is forwarding HTTPS/443 to the ISA server for
secure OWA (Exchange 2003 standalone on the LAN).
We have a new DSL connection that we want to use for remote VPN, OWA,
Outlook RPC/HTTPS. Based on Microsoft's statement that you cannot
have multiple external interfaces, I assume that I cannot simply
install another NIC and plug the DSL connection directly into it,
create a new network for the existing External NIC, and then define
the DSL connection as the new "External" network?
There are many complications and frustrations associated with this,
specifically the fact that IPCop would not IPSec VPN with ISA, so you
will have to trust me when you question why the current config is the
way it is. I also must add that this whole WAN and site-to-site
network is being replaced in a few months, so the company involved
obviously does not want a lot of resources thrown at this project even
though they must have reliable connectivity to these resources.
My goal is to basically leave the existing config with OWA, and setup
this new Internet connection as an interim solution for remote VPN,
OWA (separate SSL cert and domain), and Outlook RPC over HTTPS.
Thanks,
...D
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
Other related posts:
