Re: Problems publishing on a perimeter

• From: "Jim Harrison" <jim@xxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Wed, 15 May 2002 19:56:11 -0700

You can't "publish" with protocol rules; you may be thinking of packet filters 
for a third-leg DMZ.
Troy has drawn a back-back DMZ, in which publishing is the correct method.

Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/authors/harrison/
Read the books!
  ----- Original Message ----- 
  From: John Tolmachoff 
  To: [ISAserver.org Discussion List] 
  Sent: Wednesday, May 15, 2002 5:56 PM
  Subject: [isalist] Re: Problems publishing on a perimeter


  http://www.ISAserver.org


  Also, unless I am wrong, you can not "publish" from the DMZ. You have to 
create protocol rules.



  John Tolmachoff

  IT Manager, Network Engineer

  RelianceSoft, Inc.

  Fullerton, CA  92835

  www.reliancesoft.com



  -----Original Message-----
  From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] 
  Sent: Wednesday, May 15, 2002 4:23 PM
  To: [ISAserver.org Discussion List]
  Subject: [isalist] Re: Problems publishing on a perimeter



  http://www.ISAserver.org

  You need to add the rest of your address space to ISA1 if you want it to use 
them.

  If you use web publishing, you only need one IP..



  Jim Harrison
  MCP(NT4, W2K), A+, Network+, PCG
  http://isaserver.org/authors/harrison/
  Read the books!

    ----- Original Message ----- 

    From: Troy Jerkins 

    To: [ISAserver.org Discussion List] 

    Sent: Wednesday, May 15, 2002 2:12 PM

    Subject: [isalist] Problems publishing on a perimeter



    http://www.ISAserver.org

    I'm in desperate need of a solution to the following. The issue is that I 
need to be able to publish multiple web servers on my DMZ. 



    Configuration: Back-to-back Perimeter



    ISPßRouterßISA1ßDMZßISA2ßLAN.



    I have 6 public addresses for use from the ISP. I'll use 66.X.X.209 to 
66.X.X.214 mask = 225.225.225.248

    I have 2 addresses allocated. One on the back end of the router and one on 
the external NIC of ISA1.

    The DMZ is configured with private addresses.



    I can publish 1 (one) web server on the DMZ and that's it. I can't seem to 
publish or set up any filters to allow any other servers to be published.

    I've tried to assign more than one IP to the external NIC in ISA1, but the 
Primary address always blocks access to anything I try to allow through on the 
secondary address which I can see it in the logs. 



    Given my configuration, what would be the best way solve this situation. 
Any help would be GREATLY appreciated. I've been fighting this for some time now



    -Troy



    ------------------------------------------------------
    You are currently subscribed to this ISAserver.org Discussion List as: 
jim@xxxxxxxxxxxx
    To unsubscribe send a blank email to $subst('Email.Unsub') 

  ------------------------------------------------------
  You are currently subscribed to this ISAserver.org Discussion List as: 
isalist@xxxxxxxxxxxx
  To unsubscribe send a blank email to $subst('Email.Unsub') 

  ------------------------------------------------------
  You are currently subscribed to this ISAserver.org Discussion List as: 
jim@xxxxxxxxxxxx
  To unsubscribe send a blank email to $subst('Email.Unsub') 

Other related posts:

• » Problems publishing on a perimeter
• » Re: Problems publishing on a perimeter
• » Re: Problems publishing on a perimeter
• » Re: Problems publishing on a perimeter
• » Re: Problems publishing on a perimeter
• » Re: Problems publishing on a perimeter

1. Home
2. isalist
3. Archive
4. 05-2002

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---