RE: Publish Internal Terminal Server which is behind layer 3 switch

• From: "Stefaan Pouseele" <stefaan.pouseele@xxxxxxx>
• To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
• Date: Tue, 12 Nov 2002 20:54:33 +0100

Hi Carson,

check out
http://www.isaserver.org/tutorials/Designing_An_ISA_Server_Solution_on_a_Com
plex_Network.html

HTH,
Stefaan

-----Original Message-----
From: Carson Tu [mailto:ctu@xxxxxxxxxxxx]
Sent: dinsdag 12 november 2002 18:33
To: [ISAserver.org Discussion List]
Subject: [isalist] Publish Internal Terminal Server which is behind
layer 3 switch


http://www.ISAserver.org


I don't mean to ask everybody back to previous discussion of TS publish. But
my case is different. Because there is a layer 3 switch in this picture. 

I have ISA server connecting to public network and internally 192.168.2.x
network. There is another internal subnet, 192.168.5.x, in which we have a
win2K server with TS need to be publish into internet. The 2 internal subnet
are connected by Exterme Summit48 switch with VLAN. We do add route to both
the switch and our ISA server. Routing is working fine.
I have successfully publish some server on 192.168.2.x subnet with
alternative port. But when I do the same to the server on 5.x subnet, I
cannot connect it through external network. The interesting thing is, if I
eliminate the IP package filter on ISA by enable the "Allow ALL" rule. The
publishing of 5.x subnet works! If I disable "allow all" rule, just have the
default rule plus enable "allow TCP 33xx/both direction" rule, the TS
publish doesn't work for 192.168.5.x subnet. But, it work for 192.168.2.x
subnet. So, I believe, I must have to setup a new IP package filter for 5.x
subnet TS publishing. 

Does anybody have idea about what kind of IP package filter I need to setup?
This filter must not need for 2.x subnet, which is connecting to ISA
internal NIC directly. How does the layer 3 switch make a different IP
package?

Thanks.

Carson 

List Sponsored by Aspelle
Aspelle's Microsoft-centric, Aspelle Everywhere, leverages ISA server and
the Internet to quickly and cost-effectively manage and deliver secure,
client-less access to all corporate applications (Web, Unix, Windows and
legacy systems), for all users.
More info at http://www.aspelle.com/info

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
stefaan.pouseele@xxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » Publish Internal Terminal Server which is behind layer 3 switch
• » RE: Publish Internal Terminal Server which is behind layer 3 switch
• » Re: Publish Internal Terminal Server which is behind layer 3 switch
• » RE: Publish Internal Terminal Server which is behind layer 3 switch

1. Home
2. isalist
3. Archive
4. 11-2002

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---