Tom, Thanks. I will set that up and test it out. Have a good weekend! Brian Reeves Network Administrator -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] Sent: Thursday, August 28, 2003 10:35 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Point-to-point T1 connection with Hub & Spoke VPN Network http://www.ISAserver.org Hi Brian, Remember to put all trusted networks into the LAT. HTH, Tom Thomas W Shinder www.isaserver.org/shinder ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp -----Original Message----- From: Reeves, Brian [mailto:bjr@xxxxxxxxxxxxxx] Sent: Thursday, August 28, 2003 9:58 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Point-to-point T1 connection with Hub & Spoke VPN Network http://www.ISAserver.org Tom, Yes, the network is a trusted network. I configured the Domain Server when it was part of the main network, and then configured it on the new network. It is a member of the same root domain as all of the other networks, the only difference is that it is connected to the main network through a few cisco routers over a T1, and the termination of that cable is from the DMZ nic on the remote server and the DMZ nic on the hub. I even went into RRAS and configured the routing to move traffic destined for that particular subnet through the DMZ nic. The problem is that the two networks just will not see each other. Thanks, Brian Reeves Network Administrator -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] Sent: Wednesday, August 27, 2003 7:29 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Point-to-point T1 connection with Hub & Spoke VPN Network http://www.ISAserver.org Hi Brian, Is the remote site a trusted network? If so, you can enable routing between the internal interfaces and all traffic will move through like any other router. HTH, Tom Thomas W Shinder www.isaserver.org/shinder ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp -----Original Message----- From: Brian Reeves [mailto:bjr@xxxxxxxxxxxxxx] Sent: Wednesday, August 27, 2003 1:57 PM To: [ISAserver.org Discussion List] Subject: [isalist] Point-to-point T1 connection with Hub & Spoke VPN Network http://www.ISAserver.org I currently have a "Hub and Spoke" network setup for my organization using ISA servers at each of our three sites. (Courtesy of documentation from isaserver.org, THX!) Two of these sites are VPN Gateway sites, connecting to the main site through the Internet over broadband. Right now, this works just great for communicating with each site. My problem is that now, we are adding another site less than 30 miles away, but we are running point-to-point T1 lines between the facilities for communication. This site will be as large as our current site (Which has 140 clients, whereas the two remote sites only have 5 each), and I want to know if it is possible to connect it over the private T1, using the ISA server as the hub. This new site will have its own Domain server and ISA server for forwarding traffic upstream across the T-1 to our main site. Clients on the remote network will be operating in the same domain as everyone else, just residing in a different subnet. This configuration would basically make my main ISA server (The hub) a tri-homed server. One connection to the external T-1, one internal connection, and one connection to the T-1 at our remote site. Is there possibly a better way to do this? I did not want to connect my routers directly to the switches because I need to be able to control and regulate traffic going across the T-1. Thank you for any help that you can provide! ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: bjr@xxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: bjr@xxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')