Re: RE : Passing traffic
- From: "Jay" <jschwarzkopf@xxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 4 Nov 2002 12:16:33 -0500
>I've found that you can't publish services to the DMZ using the Server
Publishing Rules because you can't have a non routable IP set as the
external interface on ISA server so this option won't work considering that
my dmz interface is 10.112.1.1.
I have plenty of server publishing rules using a private IP on the external
nic, and it's working fine.
----- Original Message -----
From: "Friese, Casey" <cfriese@xxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Monday, November 04, 2002 10:02 AM
Subject: [isalist] RE : Passing traffic
http://www.ISAserver.org
>why not publish these services to the DMZ ?
I've found that you can't publish services to the DMZ using the Server
Publishing Rules because you can't have a non routable IP set as the
external interface on ISA server so this option won't work considering that
my dmz interface is 10.112.1.1.
Thanks for the suggestion though...I thought we were rockin' for a second.
Casey
-----Original Message-----
From: Gérard Dumazet [mailto:gdumazet@xxxxxxxxxxx]
Sent: Sunday, November 03, 2002 3:04 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE : Passing traffic
http://www.ISAserver.org
I am interested also with this problem but i had no time until now to
experiment except like you to open the dmz tunnel with bewan and zyxel
boxes.
I was only thinking something else : to allow traffic means for example for
your remote clients to get access to some services inside your main intranet
: why not publish these services to the DMZ ? in this case while they reach
the dmz they should be able to reach what they need. It is clear that we
can't open ISA in such a way that the firewall would be useless. The same
outside with destination sets.
Let me know what you will finally decide.
gd
-----Message d'origine-----
De : Friese, Casey [mailto:cfriese@xxxxxxxxxxxxx]
Envoyé : dimanche 3 novembre 2002 20:00
À : [ISAserver.org Discussion List]
Objet : [isalist] Passing traffic
http://www.ISAserver.org
I'm trying this question again, see if I can get an answer this time.
I'm trying desperately to get the ISA to allow traffic to pass through it
that is destined for another network.
I have a linksys vpn router hanging off of the ISA's dmz.
VPN router's LAN(DMZ) address is 10.112.1.3
VPN router's WAN address is 140.168.42.60
The remote network also has a linksys vpn router.
VPN router's WAN address is 68.80.66.170
VPN router's LAN address is 10.116.1.1
After establishing the tunnels successfully:
I can successfully communicate with hosts on the ISA's dmz from the remote
network and I can successfully communicate with the remote network from the
hosts on the ISA's dmz.
I can communicate successfully(throughr the ISA)from the hosts on the ISA's
dmz with clients on the local network behind the isa (10.128.0.0).
I cann't communicate with the clients on the local network behind the ISA
from the remote network.
I can't communicate with the clients on the remote network from clients on
the local network behind the ISA.
How do I set the ISA to allow the traffic destined for the local network
(10.128.0.0) from the remote network (10.116.1.0) pass through it and vice
versa?
Any help would be greatly appreciated!
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/ Windows Security
Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
gdumazet@xxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')
__________________________________________________________________
Haut Débit: Modem offert soit 150,92 euros remboursés sur le Pack eXtense de
Wanadoo ! Profitez du Haut Débit à partir de 30 euros/mois :
http://www.ifrance.com/_reloc/w
__________________________________________________________________
Haut Débit: Modem offert soit 150,92 euros remboursés sur le Pack eXtense de
Wanadoo ! Profitez du Haut Débit à partir de 30 euros/mois :
http://www.ifrance.com/_reloc/w
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/ Windows Security
Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
cfriese@xxxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jschwarzkopf@xxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
