RE: Is this the right way to add these "internal" networks

• From: "Rob Moore" <RMoore@xxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Wed, 18 Aug 2004 09:31:50 -0400

Can you forward me chapter 4?  ;-)
 
I'll check out that section of the help file.
 
R.

  _____  

From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
Sent: Wednesday, August 18, 2004 9:30 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Is this the right way to add these "internal"
networks


http://www.ISAserver.org

Hi Rob,
 
Is this the "network within a network scenario" discussed in the help
file? If so, I've got a big section on this issue in chapter 4 of the
book. A lot of people are running into this problem and its sort of
interesting once you bring the Firewall client into the mix :-))
 
Tom
www.isaserver.org/shinder <http://www.isaserver.org/shinder> 
Get the book!
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> 
MVP -- ISA Firewalls

        -----Original Message-----
        From: Rob Moore [mailto:RMoore@xxxxxxxx] 
        Sent: Wednesday, August 18, 2004 8:22 AM
        To: [ISAserver.org Discussion List]
        Subject: [isalist] Is this the right way to add these "internal"
networks
        
        
        http://www.ISAserver.org
        

        Good morning-- 

        My network consists of one main network (172.17.200.0) which is
connected to a bunch of remote networks (192.168.x.x) through VPNs
maintained by IPCop firewalls. The IPCop (freeware) firewalls all VPN
back to the home office, here, to another IPCop firewall which is on the
172.17.200.0 network.

        On my previous firewalls (ISA 2000 and something called
WinRoutePro) all I had to do was create static routes to a given
network, indicating that the internal IPCop firewall should be the
gateway for these sites and voila, traffic flowed. After struggling with
this on ISA 2004 for a while this morning I've come up with two
additional necessary steps: 1. I have to add the various 192.168.x.x
networks to the Internal network; and 2. To ping or RDP to those remote
networks I have to create a firewall access rule that allows pinging and
RDPing from the Internal Network to All Protected Networks. (I suppose
I'll have to set up similar rules for the other traffic, such as SMTP
and HTTP, that goes between the home site and the remote sites?)


        Is this the "right" way to do this? Is there a better, more
secure way? 
        Thanks, 
        Rob 

        ------------------------------------------------------
        List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
        ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
        ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
        ------------------------------------------------------
        Other Internet Software Marketing Sites:
        World of Windows Networking: http://www.windowsnetworking.com
        Leading Network Software Directory: http://www.serverfiles.com
        No.1 Exchange Server Resource Site: http://www.msexchange.org
        Windows Security Resource Site: http://www.windowsecurity.com/
        Network Security Library: http://www.secinf.net/
        Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
        ------------------------------------------------------
        You are currently subscribed to this ISAserver.org Discussion
List as: tshinder@xxxxxxxxxxxxxxxxxx
        To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
        Report abuse to listadmin@xxxxxxxxxxxxx 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
rmoore@xxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 

Other related posts:

• » Is this the right way to add these "internal" networks
• » RE: Is this the right way to add these "internal" networks
• » RE: Is this the right way to add these "internal" networks
• » RE: Is this the right way to add these "internal" networks
• » RE: Is this the right way to add these "internal" networks
• » RE: Is this the right way to add these "internal" networks
• » RE: Is this the right way to add these "internal" networks
• » RE: Is this the right way to add these "internal" networks
• » RE: Is this the right way to add these "internal" networks
• » RE: Is this the right way to add these "internal" networks
• » RE: Is this the right way to add these "internal" networks

1. Home
2. isalist
3. Archive
4. 08-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---