Re: RES: Need help with the VPN and ISA 2000 setup
- From: tim S <tim724342@xxxxxxxxx>
- To: "\[ISAserver.org Discussion List\]" <isalist@xxxxxxxxxxxxx>
- Date: Fri, 3 Dec 2004 06:10:41 -0800 (PST)
Tiago,
Thanks for the reply. I set up a static route for the netscreen box.
Everything works okay. The mgt. doesn't want anyone from the remote network
into our network. The only traffic via this VPN gateway is our outgoing
traffic to the remote network. I guess as long as I don't add the netscreen's
private subnet to LAT, ISA won't allow the incoming traffic initated from the
remote network.
Tiago de Aviz <Tiago@xxxxxxxxxxxxxxx> wrote:
v\:* {behavior:url(#default#VML);}o\:* {behavior:url(#default#VML);}w\:*
{behavior:url(#default#VML);}.shape
{behavior:url(#default#VML);}http://www.ISAserver.org
Well, i guess it´ll only work if you set a static route on your ISA so it can
find the remote network. But I think it would be easier if you plugged the
netscreen on the internal network instead of plugging it on another NIC on the
ISA box.
Tiago
---------------------------------
De: tim S [mailto:tim724342@xxxxxxxxx]
Enviada em: quinta-feira, 2 de dezembro de 2004 14:21
Para: [ISAserver.org Discussion List]
Assunto: [isalist] Need help with the VPN and ISA 2000 setup
http://www.ISAserver.org
Hi,
I would like to know if this setup will work. I have an ISA2000 server running
on w2k3 server with three NICs (two external and one internal). And I have a
netscreen VPN gateway box. Here is my setup.
Internet
|
|
Cisco Router -----------------------
| |
| |
ISA 2000 --------Netscreen VPN gateway box
|
|
Internal network (private)
One of our customers didn't want to open a VPN gateway via the ISA2000 so they
sent us the netscreen. The second external ISA NIC connecting netscreen box
has private IP. As usual, it doesn't have a default gateway. The only NIC
with default gateway is the one that connects to CISCO router directly.
My question is what happens to the outgoing traffic for Netscreen box? Does it
always go through the default gateway? If the traffic is intended for
netscreen VPN gateway, does the second NIC get the traffic? Thanks
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com ------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server
Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------ Other Internet Software
Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange
Server Resource Site: http://www.msexchange.org Windows Security Resource Site:
http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------ You are currently
subscribed to this ISAserver.org Discussion List as: tiago@xxxxxxxxxxxxxxx To
unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report
abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tim724342@xxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
---------------------------------
Do you Yahoo!?
Send a seasonal email greeting and help others. Do good.
Other related posts:
