[isalist] Re: Looking for pitfalls

  • From: "Thor (Hammer of God)" <thor@xxxxxxxxxxxxxxx>
  • To: <isalist@xxxxxxxxxxxxx>,<isalist@xxxxxxxxxxxxx>
  • Date: Mon, 8 Oct 2007 08:33:28 -0700

That's what I was going to say ;)

It's not "multiple domains behind ISA," it's the way you want trust to work 
within those "multiple domains behind ISA."

If you don't have some sort of cross-trust relationship between the domains, 
only users within the domain that the ISA server is a member of can use rules 
that require user authentication (including certificates).

t

________________________________

From: isalist-bounce@xxxxxxxxxxxxx on behalf of Jim Harrison
Sent: Fri 10/5/2007 12:49 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Looking for pitfalls



http://www.ISAserver.org <http://www.isaserver.org/>
-------------------------------------------------------

the question of cross-ISA domain / forest traffic is gonna make you drink 
(more).

-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On 
Behalf Of Thomas W Shinder
Sent: Friday, October 05, 2007 11:50 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Looking for pitfalls

http://www.ISAserver.org <http://www.isaserver.org/>
-------------------------------------------------------

Ha! I'll brew a pot on your behalf and I already have the skittles in my
desk drawer :)

-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of JB
Sent: Friday, October 05, 2007 1:37 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Looking for pitfalls

http://www.ISAserver.org <http://www.isaserver.org/>
-------------------------------------------------------

Brilliant!!!

How do I send you a pot of coffee and bag of skittles? ;-)
On Oct 5, 2007, at 11:28 AM, Thomas W Shinder wrote:

> http://www.ISAserver.org <http://www.isaserver.org/>
> -------------------------------------------------------
>
> Sounds like an excellent scenario for an article! I'll pound it out
> this
> weekend.
>
> Thanks!
>
> Tom
>
> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-
> bounce@xxxxxxxxxxxxx]
> On Behalf Of JB
> Sent: Friday, October 05, 2007 12:12 PM
> To: isalist@xxxxxxxxxxxxx
> Subject: [isalist] Looking for pitfalls
>
> I would like to indulge the minds of ISA List on the pitfalls of
> having
> two separate networks/domains behind one ISA 2006 firewall.
>
> The main question: How does authentication in ISA 2006 work with two
> domains?
>
> Any thoughts would be greatly appreciated - I should probably rephrase
> this ;-)
>
> Scenario:
> Both domains are Windows 2003.
> Both domains have Exchange servers publishing OWA etc...
> Both domains have users requiring RDP and VPN access All users except
> admins are not allowed into opposing network
>
>
> ------------------------------------------------------
> List Archives: //www.freelists.org/archives/isalist/
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server Articles and Tutorials: http://www.isaserver.org/
> articles_tutorials/
> ISA Server Blogs: http://blogs.isaserver.org/
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com <http://www.techgenix.com/>
> ------------------------------------------------------
> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>

------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials:
http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com <http://www.techgenix.com/>
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx



------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com <http://www.techgenix.com/>
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com <http://www.techgenix.com/>
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 10-2007