and dont use isa 2006!! its beta.. use 2004.. Greg Mulholland ________________________________ From: isalist-bounce@xxxxxxxxxxxxx on behalf of Egyptian Mind Sent: Mon 22/05/2006 1:45 AM To: isalist@xxxxxxxxxxxxx Cc: gen_sib@xxxxxxxxx Subject: [isalist] Re: SME LAN and ISA http://www.ISAserver.org ------------------------------------------------------- 1- install the ISA server after the adsl router and before the switch. 2- put two interface cards in the server 3- attach one interface with the adsl router ( outside ) and the other to the unmanged switch ( inside ) 4- assign an IP from your local lan to the inside interface 5- assign any IP of the range that given from the ISP ( after the router nat ) to the ouside interface 6- make ur own rules on the ISA server BASIC SME NETWork SETUP Internet Cloud | | | | ADSL (AZTECH ETHERNET USB) Broadband Router DHCP | _____________________________ | | | |___outside interface ( 10.11.1.1/24) | ISA Server ___insdie interface ( 192.168.1.1/24 ) | | |_____________________________| | |______________________ LoCAL AREA NETWORK (Unmanaged Switch) LAN IP Address 192.168.1.0/24 ______________________________ SBS2003-BOX (HP DL3*) LINUX-Box (HP DL3*) AD OpenSource Helpdesk System DHCP OpenSource Network Monitoring(nagios, nmis) DNS SMS Pager Intranet AV(clamWin Free AV) Accounting MAILs (Pulled from ISP thru pop3 connector) CRM WSUS AV (clamWin Free AV + AVG) !~` Yesterday is a History` ~! !~` Tomorrow is a Mystery` ~! !~` Today is a Gift` ~! !~` So we call it ...............` ~! !~` Present .......Simple` ~! Mob : +966 50 2953591 ________________________________ From: Gene Sibbs <gen_sib@xxxxxxxxx> Reply-To: isalist@xxxxxxxxxxxxx To: isalist@xxxxxxxxxxxxx Subject: [isalist] SME LAN and ISA Date: Sun, 21 May 2006 02:25:59 -0700 (PDT) Greetings, I have attached a basic LAN setup diagram and I would like to pick your brains as far as the security is concerned. My objective is that the In/Outbound traffic must pass thru ISA box Base on the attached design I feel that the security is lacking. I have downloaded ISA 2006 BETA version...and I want to introduce ISA Server as a member of the family to beef-up security. How can I make ISA Server 2006 beta play with this basic design, bearing in mind that I don't have a static IP address from my ISP. My ADSL is dhcp obtaining the IP address from ISP. I want to run ISA2006 on a separate box completely. With many thanks! Gene Sibbs ________________________________ New Yahoo! Messenger with Voice. Call regular phones from your PC <http://us.rd.yahoo.com/mail_us/taglines/postman5/*http://us.rd.yahoo.com/evt=39666/*http://messenger.yahoo.com> and save big. ________________________________ Feel free to call! Free PC-to-PC calls. Low rates on PC-to-Phone. Get Yahoo! Messenger with Voice <http://us.rd.yahoo.com/mail_us/taglines/postman10/*http://us.rd.yahoo.com/evt=39663/*http://messenger.yahoo.com> >BASIC SME NETWork SETUP > >Internet Cloud > | > | > | > | >ADSL (AZTECH ETHERNET USB) Broadband Router > DHCP > | > | > | >________|______________________ >LoCAL AREA NETWORK (Unmanaged Switch) >LAN IP Address 10.11.1.0/24 > >______________________________ > >SBS2003-BOX (HP DL3*) LINUX-Box (HP DL3*) > >AD OpenSource Helpdesk System >DHCP OpenSource Network Monitoring(nagios, nmis) >DNS SMS Pager >Intranet AV(clamWin Free AV) >Accounting >MAILs (Pulled from ISP thru pop3 connector) >CRM >WSUS >AV (clamWin Free AV + AVG) >______________________________ > >Security is an issue here... > ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx