RE: RE : RE: RE : RE : Passing traffic
- From: "Friese, Casey" <cfriese@xxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 4 Nov 2002 15:29:05 -0500
Someone surely has to be doing this. I've been doing this for years with other
firewalls...all of a sudden ISA emerges as a firewall and it's not supported?
I find that hard to believe. And, if it's not...is it poor planning on
Microsoft's part or another ploy to make companies change their technology to
interoperate with their's?
I need the intenal Linksys on the DMZ because having the
-----Original Message-----
From: Gérard Dumazet [mailto:gdumazet@xxxxxxxxxxx]
Sent: Monday, November 04, 2002 3:16 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE : RE: RE : RE : Passing traffic
http://www.ISAserver.org
Right! Do you really need the internal Linksys ? If you have an adsl router
with no NAT between the router and ISA, you should be able to have the tunnel
you are looking for ?
I have no experience but I al astonished that no one is offering a solution ?
sure many guys on this list have such config working.
-----Message d'origine-----
De : Friese, Casey [mailto:cfriese@xxxxxxxxxxxxx]
Envoyé : lundi 4 novembre 2002 20:50
À : [ISAserver.org Discussion List]
Objet : [isalist] RE: RE : RE : Passing traffic
http://www.ISAserver.org
I would love to do a gateway to gateway vpn using the Linksys and ISA; My
problem? The Linksys doesn't surrport L2TP and according to Microsoft "If you
implement private network addressing in the perimeter network, you cannot use
IPSec or Kerberos authentication."
-----Original Message-----
From: Gérard Dumazet [mailto:gdumazet@xxxxxxxxxxx]
Sent: Monday, November 04, 2002 2:42 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE : RE : Passing traffic
http://www.ISAserver.org
I understand your point. The vpn router is used at the moment as an end point,
why not to open the tunnel from the remote vpn server direct to ISA, the second
vpn router being only a router with correct ports opened and a route from its
internal interface to the external interface of ISA ???
No way to have some assistance somewhere? I asked MS support about that but the
guy told me that this is outside their scope!
-----Message d'origine-----
De : Friese, Casey [mailto:cfriese@xxxxxxxxxxxxx]
Envoyé : lundi 4 novembre 2002 16:03
À : [ISAserver.org Discussion List]
Objet : [isalist] RE : Passing traffic
http://www.ISAserver.org
>why not publish these services to the DMZ ?
I've found that you can't publish services to the DMZ using the Server
Publishing Rules because you can't have a non routable IP set as the external
interface on ISA server so this option won't work considering that my dmz
interface is 10.112.1.1.
Thanks for the suggestion though...I thought we were rockin' for a second.
Casey
-----Original Message-----
From: Gérard Dumazet [mailto:gdumazet@xxxxxxxxxxx]
Sent: Sunday, November 03, 2002 3:04 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE : Passing traffic
http://www.ISAserver.org
I am interested also with this problem but i had no time until now to
experiment except like you to open the dmz tunnel with bewan and zyxel boxes.
I was only thinking something else : to allow traffic means for example for
your remote clients to get access to some services inside your main intranet :
why not publish these services to the DMZ ? in this case while they reach the
dmz they should be able to reach what they need. It is clear that we can't open
ISA in such a way that the firewall would be useless. The same outside with
destination sets.
Let me know what you will finally decide.
gd
-----Message d'origine-----
De : Friese, Casey [mailto:cfriese@xxxxxxxxxxxxx]
Envoyé : dimanche 3 novembre 2002 20:00
À : [ISAserver.org Discussion List]
Objet : [isalist] Passing traffic
http://www.ISAserver.org
I'm trying this question again, see if I can get an answer this time.
I'm trying desperately to get the ISA to allow traffic to pass through it that
is destined for another network.
I have a linksys vpn router hanging off of the ISA's dmz.
VPN router's LAN(DMZ) address is 10.112.1.3
VPN router's WAN address is 140.168.42.60
The remote network also has a linksys vpn router.
VPN router's WAN address is 68.80.66.170
VPN router's LAN address is 10.116.1.1
After establishing the tunnels successfully:
I can successfully communicate with hosts on the ISA's dmz from the remote
network and I can successfully communicate with the remote network from the
hosts on the ISA's dmz.
I can communicate successfully(throughr the ISA)from the hosts on the ISA's dmz
with clients on the local network behind the isa (10.128.0.0).
I cann't communicate with the clients on the local network behind the ISA from
the remote network.
I can't communicate with the clients on the remote network from clients on the
local network behind the ISA.
How do I set the ISA to allow the traffic destined for the local network
(10.128.0.0) from the remote network (10.116.1.0) pass through it and vice
versa?
Any help would be greatly appreciated!
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/ Windows Security
Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
gdumazet@xxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')
__________________________________________________________________
Haut Débit: Modem offert soit 150,92 euros remboursés sur le Pack eXtense de
Wanadoo ! Profitez du Haut Débit à partir de 30 euros/mois :
http://www.ifrance.com/_reloc/w
__________________________________________________________________
Haut Débit: Modem offert soit 150,92 euros remboursés sur le Pack eXtense de
Wanadoo ! Profitez du Haut Débit à partir de 30 euros/mois :
http://www.ifrance.com/_reloc/w
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/ Windows Security
Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
cfriese@xxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/ Windows Security
Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
gdumazet@xxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')
__________________________________________________________________
Haut Débit: Modem offert soit 150,92 euros remboursés sur le Pack eXtense de
Wanadoo ! Profitez du Haut Débit à partir de 30 euros/mois :
http://www.ifrance.com/_reloc/w
__________________________________________________________________
Haut Débit: Modem offert soit 150,92 euros remboursés sur le Pack eXtense de
Wanadoo ! Profitez du Haut Débit à partir de 30 euros/mois :
http://www.ifrance.com/_reloc/w
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/ Windows Security
Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
cfriese@xxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/ Windows Security
Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
gdumazet@xxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')
__________________________________________________________________
Haut Débit: Modem offert soit 150,92 euros remboursés sur le Pack eXtense de
Wanadoo ! Profitez du Haut Débit à partir de 30 euros/mois :
http://www.ifrance.com/_reloc/w
__________________________________________________________________
Haut Débit: Modem offert soit 150,92 euros remboursés sur le Pack eXtense de
Wanadoo ! Profitez du Haut Débit à partir de 30 euros/mois :
http://www.ifrance.com/_reloc/w
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/ Windows Security
Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
cfriese@xxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
