RE : RE : Passing traffic
- From: Gérard Dumazet <gdumazet@xxxxxxxxxxx>
- To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 4 Nov 2002 20:41:58 +0100
I understand your point. The vpn router is used at the moment as an end
point, why not to open the tunnel from the remote vpn server direct to
ISA, the second vpn router being only a router with correct ports opened
and a route from its internal interface to the external interface of ISA
???
No way to have some assistance somewhere? I asked MS support about that
but the guy told me that this is outside their scope!
-----Message d'origine-----
De : Friese, Casey [mailto:cfriese@xxxxxxxxxxxxx]
Envoyé : lundi 4 novembre 2002 16:03
À : [ISAserver.org Discussion List]
Objet : [isalist] RE : Passing traffic
http://www.ISAserver.org
>why not publish these services to the DMZ ?
I've found that you can't publish services to the DMZ using the Server
Publishing Rules because you can't have a non routable IP set as the
external interface on ISA server so this option won't work considering
that my dmz interface is 10.112.1.1.
Thanks for the suggestion though...I thought we were rockin' for a
second.
Casey
-----Original Message-----
From: Gérard Dumazet [mailto:gdumazet@xxxxxxxxxxx]
Sent: Sunday, November 03, 2002 3:04 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE : Passing traffic
http://www.ISAserver.org
I am interested also with this problem but i had no time until now to
experiment except like you to open the dmz tunnel with bewan and zyxel
boxes.
I was only thinking something else : to allow traffic means for example
for your remote clients to get access to some services inside your main
intranet : why not publish these services to the DMZ ? in this case
while they reach the dmz they should be able to reach what they need. It
is clear that we can't open ISA in such a way that the firewall would be
useless. The same outside with destination sets.
Let me know what you will finally decide.
gd
-----Message d'origine-----
De : Friese, Casey [mailto:cfriese@xxxxxxxxxxxxx]
Envoyé : dimanche 3 novembre 2002 20:00
À : [ISAserver.org Discussion List]
Objet : [isalist] Passing traffic
http://www.ISAserver.org
I'm trying this question again, see if I can get an answer this time.
I'm trying desperately to get the ISA to allow traffic to pass through
it that is destined for another network.
I have a linksys vpn router hanging off of the ISA's dmz.
VPN router's LAN(DMZ) address is 10.112.1.3
VPN router's WAN address is 140.168.42.60
The remote network also has a linksys vpn router.
VPN router's WAN address is 68.80.66.170
VPN router's LAN address is 10.116.1.1
After establishing the tunnels successfully:
I can successfully communicate with hosts on the ISA's dmz from the
remote network and I can successfully communicate with the remote
network from the hosts on the ISA's dmz.
I can communicate successfully(throughr the ISA)from the hosts on the
ISA's dmz with clients on the local network behind the isa (10.128.0.0).
I cann't communicate with the clients on the local network behind the
ISA from the remote network.
I can't communicate with the clients on the remote network from clients
on the local network behind the ISA.
How do I set the ISA to allow the traffic destined for the local network
(10.128.0.0) from the remote network (10.116.1.0) pass through it and
vice versa?
Any help would be greatly appreciated!
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/ Windows
Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT
Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
gdumazet@xxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')
__________________________________________________________________
Haut Débit: Modem offert soit 150,92 euros remboursés sur le Pack
eXtense de Wanadoo ! Profitez du Haut Débit à partir de 30 euros/mois :
http://www.ifrance.com/_reloc/w
__________________________________________________________________
Haut Débit: Modem offert soit 150,92 euros remboursés sur le Pack
eXtense de Wanadoo ! Profitez du Haut Débit à partir de 30 euros/mois :
http://www.ifrance.com/_reloc/w
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/ Windows
Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT
Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
cfriese@xxxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
gdumazet@xxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
__________________________________________________________________
Haut Débit: Modem offert soit 150,92 euros remboursés sur le Pack
eXtense de Wanadoo !
Profitez du Haut Débit à partir de 30 euros/mois :
http://www.ifrance.com/_reloc/w
__________________________________________________________________
Haut Débit: Modem offert soit 150,92 euros remboursés sur le Pack eXtense de
Wanadoo !
Profitez du Haut Débit à partir de 30 euros/mois :
http://www.ifrance.com/_reloc/w
Other related posts:
