RE: Isa2k4 and IPSec VPN to Cisco Router
- From: "Ball, Dan" <DBall@xxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 7 Feb 2005 15:34:43 -0500
I guess it all depends on how you have your networks setup (which is
what prompted my other discussion). Sorry, I had deleted all the
previous messages, so I don't remember the details.
To summarize it, If you have one internal network NIC in the ISA
computer, and all of your subnets are behind it, you need to add those
IP ranges into the ISA Network Configurations, and add a ROUTE command
to make sure those ranges are going to the right NIC. Or, possibly,
increase the subnet mask to make the subnets included. Okay, there is a
"little more" to it than that, but that will summarize it.
If you have more than one internal network NIC in your ISA computer, you
have to do things differently. That is where I haven't found any
articles referencing that setup, I had to do most of it trail and error.
Which one do ya got?
The "Firewall Policy" part is only if you want to have different
settings for different subnets. If you want all of your Internal
networks to use the same settings, then don't worry about it.
________________________________
From: Paul Crisp [mailto:pcrisp@xxxxxxxxxxxxxxxxx]
Sent: Monday, February 07, 2005 14:59
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Isa2k4 and IPSec VPN to Cisco Router
http://www.ISAserver.org
ok guys i thought i cracked it but now i'm slightly confused since
reading Clints 'Network behind a network' document and also visited the
discussion.
In the document it states :-
<-snip->
Can i now presume that i add my physically connected subnet to the
'Internal' network as well as my other subnets to the 'Internal'
network, but i also create Subnet Objects for my other subnets and
modify the Firewall Policy Access Rules to reflect these changes ?
Sorry for being a dumb a$$
Paul
Other related posts:
