RE: ISA 2004 and remote internal networks

• From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Wed, 23 Feb 2005 07:50:36 -0800

Could be that it didn't exist when you were looking.
It only got written last Nov...

-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org
   Read the help / books / articles!
-------------------------------------------------------
 

-----Original Message-----
From: Ball, Dan [mailto:DBall@xxxxxxxxxxx] 
Sent: Wednesday, February 23, 2005 07:06
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2004 and remote internal networks

http://www.ISAserver.org

My question is; WHY didn't that one come up when I was looking for that
kind of information? I could have used that article before, doesn't help
me now though... 

I've had many incidents where I put a major phrase word-for-word from
the original text into the KB search, and couldn't find an article I had
recently read.  Only to "accidentally" find it later on whilst searching
for something else!  Had to develop a habit of creating a favorite for
every page I thought I might need in the future to counter this.

*mumble* damn KB! *grumble*

-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
Sent: Wednesday, February 23, 2005 09:43
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2004 and remote internal networks

http://www.ISAserver.org

Hi Jim,

Looks like you're right on with that one. That's one of my favorite KBs!



Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls


-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] 
Sent: Wednesday, February 23, 2005 8:29 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2004 and remote internal networks

http://www.ISAserver.org

H iTom,

I think he's talking about this:
http://support.microsoft.com/?id=888042

I think we should have titled it:
"ISA ain't no freakin' router, dammit!"

-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
Sent: Wednesday, February 23, 2005 4:19 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2004 and remote internal networks

http://www.ISAserver.org

Hi Luq,
 
1. What are you trying to accomplish?
 
2. What have you done to achieve your goal?
 
3. What isn't working?
 
4. Do you have a network diagram?
 
 
Thanks!
Tom
www.isaserver.org/shinder <http://www.isaserver.org/shinder> 
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> 
MVP -- ISA Firewalls

 

________________________________

From: Luqman Achmat [mailto:luqman@xxxxxxxxx] 
Sent: Wednesday, February 23, 2005 2:03 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] ISA 2004 and remote internal networks


http://www.ISAserver.org


Greetings

 

I am a newbie to ISA. We recently upgraded ISA2000 to ISA2004 (imported
ISA2000 configs) and since the upgrade, the remote internal networks
aren't able to access any of the local internal (headoffice) network
resources (eg. mailserver on port25) nor external resources.

 

The ISA 2004 server is the default gateway for all 'local network'
Windows servers and clients.

The remote networks are connected via routers to the head office.

When I add a static route on a 'local windows server' for one of the
remote networks to point directly to the router linking to the remote
net (ie bypassing the ISA server for that remote net; not using ISA as
default GW for that remote net), then connectivity works fine. Otherwise
ISA server monitoring reports denied connections from the Windows server
to the remote network source port (>1024).

 

My ISA 'internal' network config includes all networks, local and
remote. Full access is allowed from internal to internal.

 

All client computers are still using the ISA2000 firewall client.

 

What are we doing wrong?

 

Internal Network Config:

remoteoffice1 --> headoffice local network <-- remoteoffice2

HeadOffice is connected to the internet. The remote offices use the
internet connection at the head office to access external resources.

 

Your response/s will be appreciated.

 

Regards

 

--------------------

Luq A

 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 

All mail to and from this domain is GFI-scanned.


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
dball@xxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

All mail to and from this domain is GFI-scanned.

Other related posts:

• » ISA 2004 and remote internal networks
• » RE: ISA 2004 and remote internal networks
• » RE: ISA 2004 and remote internal networks
• » RE: ISA 2004 and remote internal networks
• » RE: ISA 2004 and remote internal networks
• » RE: ISA 2004 and remote internal networks
• » RE: ISA 2004 and remote internal networks
• » RE: ISA 2004 and remote internal networks

1. Home
2. isalist
3. Archive
4. 02-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---