[isalist] Is this possible with ISA 2004 : source NAT before tunneling the traffic ?

  • From: "Stefaan Pouseele" <stefaan.pouseele@xxxxxxxxx>
  • To: <isalist@xxxxxxxxxxxxx>
  • Date: Sat, 1 Apr 2006 12:22:44 +0200

http://www.ISAserver.org
-------------------------------------------------------
  
Hey guys, 

We have an ISA 2004 SE server with public IP's on the external interface.
The internal network uses a 10/8 numbering scheme. Now we must configure a
site-to-site IPSec tunnel mode VPN to a Juniper box. However, we must NAT
the traffic to a network ID assigned by the remote site *before* sending the
traffic accross the VPN tunnel (source NAT before tunneling the traffic). 

Take note that: 
- only general outbound traffic accross the VPN tunnel is needed. 
- if inbound traffic is needed accross the VPN tunnel then a publishing
scenario should be possible.
- there is *no* overlapping between the internal network ID and the network
ID we must translate to. 

Can this be done on an ISA 2004 and still be manageable?

Thanks,
Stefaan

------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/  
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp 
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ 
ISA Server Blogs: http://blogs.isaserver.org/ 
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com 
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp 
Report abuse to listadmin@xxxxxxxxxxxxx 

Other related posts: