RE: RES: Re: RES: access from a pix

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Fri, 10 Dec 2004 12:35:43 -0600

Hi Tiago,
 
Exactly! I didn't know you were an ISA 2004 pro :-)
 
But since you are, how about another article for the Web site? ;-))
 
Thanks!
 
Tom
www.isaserver.org/shinder <http://www.isaserver.org/shinder> 
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> 
MVP -- ISA Firewalls

 

________________________________

From: Tiago de Aviz [mailto:Tiago@xxxxxxxxxxxxxxx] 
Sent: Friday, December 10, 2004 12:17 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RES: Re: RES: access from a pix


http://www.ISAserver.org


In ISA 2004 you can create a route relationship between both networks;
You'd just have to create route relationships, and create routes on all
PIXes and on the ISA so everyone can see each other.

 

________________________________

De: Scott Vansingel [mailto:Scott_Vansingel@xxxxxxxxxx] 
Enviada em: sexta-feira, 10 de dezembro de 2004 16:02
Para: [ISAserver.org Discussion List]
Assunto: [isalist] Re: RES: access from a pix

 

http://www.ISAserver.org 
Ok more detail. 
 The situation or network config: 
Workstation - - Pix 501 - - - VPN tunnle Pix to Pix - - - - Pix506
(Passing a 192.1.1.1)  - - - ISA2004 (Internal has a 10.1.1.1) - - - -
Internal Netwrok. 

Would be nice if the uses can run the apps without using a Remote
desktop or Terminal Service. 
So if the users launch a app, it will go through the Pix to Pix then it
is on the ISA side. So can I take just the one IP from the remote Pix
and allow it to get access to the servers on the inside? 



Scott Van Singel  MCSE, MCP
Network Engineer / Consultant
Keller Schroeder & Associates
Phone: (812) 474-6825  Ext. 378
Email: Svansingel@xxxxxxxxxx 



"Tiago de Aviz" <Tiago@xxxxxxxxxxxxxxx> 

12/10/2004 11:57 AM 

Please respond to
"[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>

To

"[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> 

cc

 

Subject

[isalist] RES: access from a pix

 

 

 




http://www.ISAserver.org 
Ohhhh boy, just wait till Tom hears this! ;) 
  
Are you using ISA 2000 or ISA 2004? 
  
No, you can't do that way. 
  
Basically, all you'd have to do is publish the service you want the
remote users want to access, since ISA will hold an 192.x.x.x address
and you can't just "let everyone in". 
  
Tiago 
  

 

________________________________


De: Scott Vansingel [mailto:Scott_Vansingel@xxxxxxxxxx] 
Enviada em: sexta-feira, 10 de dezembro de 2004 13:58
Para: [ISAserver.org Discussion List]
Assunto: [isalist] access from a pix 
  
http://www.ISAserver.org 
Group, 

I have a question regarding access from a pix. 
I have a remote site that we are going to put a Cisco pix in place. They
will communicate with us from their pix to ours. 
Once the traffic is passed through the pix it will come to the ISA
server. 
Users at the remote site need to run applications on our side, so they
normally used Remote desktop. 
After the Pixes are done, the traffic will look like it is coming from a
192. IP. 
so picture this. 

Workstation - - Pix - - - VPN tunnle Pix to Pix - - - - Pix - - - ISA -
- - - Internal Netwrok. 

So, my question is, can I put a rule in the Firwall to allow all traffic
from 192.1.1.1 (example) to all IP resources on Internal side? 

Thanks 


Scott Van Singel  MCSE, MCP
Network Engineer / Consultant
Keller Schroeder & Associates
Phone: (812) 474-6825  Ext. 378
Email: Svansingel@xxxxxxxxxx
------------------------------------------------------ List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server
Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server
FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------ Other Internet
Software Marketing Sites: World of Windows Networking:
http://www.windowsnetworking.com Leading Network Software Directory:
http://www.serverfiles.com No.1 Exchange Server Resource Site:
http://www.msexchange.org Windows Security Resource Site:
http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------ You are currently
subscribed to this ISAserver.org Discussion List as:
tiago@xxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to
listadmin@xxxxxxxxxxxxx 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
Scott_Vansingel@xxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 

------------------------------------------------------ List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server
Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server
FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------ Other Internet
Software Marketing Sites: World of Windows Networking:
http://www.windowsnetworking.com Leading Network Software Directory:
http://www.serverfiles.com No.1 Exchange Server Resource Site:
http://www.msexchange.org Windows Security Resource Site:
http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------ You are currently
subscribed to this ISAserver.org Discussion List as:
tiago@xxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to
listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 

Other related posts:

• » RES: Re: RES: access from a pix
• » RE: RES: Re: RES: access from a pix

1. Home
2. isalist
3. Archive
4. 12-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---