RE: Network-within-network problem on ISA 2004 appears solved

• From: "Rob Moore" <RMoore@xxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Tue, 28 Sep 2004 12:34:43 -0400

I could probably come up with something. I've never set up a router
before, though.

  _____  

From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
Sent: Tuesday, September 28, 2004 12:30 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Network-within-network problem on ISA 2004
appears solved


http://www.ISAserver.org

Hi Rob,
 
There MUST be a better solution than that. Isn't there a router on the
premises that can take care of this?
 
Tom
www.isaserver.org/shinder <http://www.isaserver.org/shinder> 
Get the book!
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> 
MVP -- ISA Firewalls

        -----Original Message-----
        From: Rob Moore [mailto:RMoore@xxxxxxxx] 
        Sent: Tuesday, September 28, 2004 11:01 AM
        To: [ISAserver.org Discussion List]
        Subject: [isalist] Network-within-network problem on ISA 2004
appears solved
        
        
        http://www.ISAserver.org
        

        Hello everyone-- 

        I've sent the list several emails on the
network-within-a-network issue, and corresponded with Tom Shinder both
on and off the list on this topic. I've been tearing my hair out over it
for several weeks now. It finally occurred to me that I could probably
get this solved fairly quickly by calling Microsoft PSS, which is what I
did this morning. It was a fairly cheap route to get this problem
solved, and now I can actually start putting ISA 2004 into production!

        Anyway, I think there are many of you out there with network
configurations similar to what I've got. So I'm guessing some of you
might like to hear about the solution. Here it is. I have an internal
172.17.x.x network. I also have roughly 35 192.168.x.x networks that are
all physically remote, but network-wise they are internal: they all go
through a third party firewall/VPN device to connect to the home
network. So here at the home site, we have had two firewalls: ISA 2000
and IPCop (the third party device). With the addition of static routes
on the ISA 2000 server pointing to the IPCop firewall, everything worked
fine on ISA 2000. It didn't work so well with ISA 2004--communications
between the remote subnets and the home office subnet were quirky at
best, non-existent at worst. The solution was quite simple: every server
in the 172.17.x.x subnet needs to have persistent static routes added
for all the 35 remote subnets, all the 172.17.x.x workstations that need
to communicate with the remote subnets also need these same persistent
static routes, and for good measure I added a static route to each of
the remote servers to tell them how to get to the 172.17.x.x subnet. 

        It's been a few hours and all my communication woes are solved,
at least for now! 

        Keeping my fingers crossed, 
        Rob 

        ------------------------------------------------------
        List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
        ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
        ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
        ------------------------------------------------------
        Other Internet Software Marketing Sites:
        World of Windows Networking: http://www.windowsnetworking.com
        Leading Network Software Directory: http://www.serverfiles.com
        No.1 Exchange Server Resource Site: http://www.msexchange.org
        Windows Security Resource Site: http://www.windowsecurity.com/
        Network Security Library: http://www.secinf.net/
        Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
        ------------------------------------------------------
        You are currently subscribed to this ISAserver.org Discussion
List as: tshinder@xxxxxxxxxxxxxxxxxx
        To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
        Report abuse to listadmin@xxxxxxxxxxxxx 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
rmoore@xxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 

Other related posts:

• » Network-within-network problem on ISA 2004 appears solved
• » RE: Network-within-network problem on ISA 2004 appears solved
• » RE: Network-within-network problem on ISA 2004 appears solved
• » RE: Network-within-network problem on ISA 2004 appears solved
• » RE: Network-within-network problem on ISA 2004 appears solved
• » RE: Network-within-network problem on ISA 2004 appears solved
• » RE: Network-within-network problem on ISA 2004 appears solved
• » RE: Network-within-network problem on ISA 2004 appears solved
• » RE: Network-within-network problem on ISA 2004 appears solved
• » RE: Network-within-network problem on ISA 2004 appears solved
• » RE: Network-within-network problem on ISA 2004 appears solved
• » RE: Network-within-network problem on ISA 2004 appears solved

1. Home
2. isalist
3. Archive
4. 09-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---