RE: ISA behind a Netscreen
- From: "Stefaan Pouseele" <stefaan.pouseele@xxxxxxx>
- To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
- Date: Sun, 24 Feb 2002 01:16:04 +0100
Hi Scott,
if you want a gateway-to-gateway VPN and full connectivity (all sort of
protocols such as file and printer sharing, domain logon, etc...), your VPN
endpoints should have access to the internal networks. So, if the ISA sits
behind the Netscreen (on the internal side) then the ISA should be the VPN
endpoint. Now, this is not a easy configuration because I think Netscreen is
using pure IPSec for VPN.
To make life easy, I suggest you place the Netscreen in parallel with the
ISA and use it *only* for the VPN connection.
Hope this helps,
Stefaan
-----Original Message-----
From: ScottBWilliams [mailto:scottbwilliams@xxxxxxx]
Sent: zondag 24 februari 2002 0:26
To: [ISAserver.org Discussion List]
Subject: [isalist] ISA behind a Netscreen
http://www.ISAserver.org
Anyone had any experience setting up a VPN from a Netscreen to another
Netscreen and behind that is an ISA Server? We acquired a company that
uses Netscreens that wants to seup a VPN between our network and theirs.
Problem is that we use ISA server to control access. We can use the
Netscreen to do normal web stuff, but now they want to be able to VPN
between their office and ours and want to use Netscreen
thanks,
Scott
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
stefaan.pouseele@xxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
