RE: Security Between Internal Subnets/Interfaces

  • From: "Kevin S. Malinowski" <Kevin@xxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Tue, 16 Jul 2002 22:46:52 -0600

Bill,

ISA is acting as expected. If the sending and receiving addresses are both in 
your LAT, then ISA does not filter the packets.

Kevin

-----Original Message-----
From: William Holmes [mailto:wtholmes@xxxxxxxxxxxxxx]
Sent: Tuesday, July 16, 2002 9:13 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Security Between Internal Subnets/Interfaces



Hello,

I have a Tri-Homed ISA Server.

Interface #1    External [192.168.100.1]
Interface #2    Internal [192.168.101.1]
Interface #3    Internal [192.168.102.1]

The addresses on Both Interface 2 & 3 have been added to the LAT.

I have a Site & Content Rule that permits any request to All External
Destinations.

I also have a protocol rule that applies to All IP Traffic and Any
Request.

Next I Create a Destination Set that includes the network addresses from
[192.168.101.1] through [192.168.101.254], and a Client Address Set that
includes the addresses from [192.168.102.1] through [192.168.102.254].

Finally I created a site and content rule that denies all traffic
originating on the client address set that is destined for the
Destination set.

Unfortunately all the traffic gets through anyway. Could someone point
out what I am doing wrong?

Thanks

Bill

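The behaviour described in the reply can be turned into a configuration check. The following is an added example, not part of the original thread and not ISA Server code: it flags deny rules whose client and destination address sets both lie inside the LAT, which per the reply are never filtered. The data model, function names, the exact LAT ranges and the second rule are assumptions made for illustration; the first rule's ranges are the ones from Bill's post.

```python
from ipaddress import IPv4Address as IP

# LAT entries as inclusive (first, last) ranges. Assumed: the post only says
# the addresses on interfaces 2 and 3 were added to the LAT.
LAT = [(IP("192.168.101.0"), IP("192.168.101.255")),
       (IP("192.168.102.0"), IP("192.168.102.255"))]

RULES = [
    # Deny rule from the post: client address set -> destination set.
    {"name": "deny 102 -> 101",
     "clients": (IP("192.168.102.1"), IP("192.168.102.254")),
     "dests": (IP("192.168.101.1"), IP("192.168.101.254"))},
    # Constructed contrast case: destination range outside the LAT.
    {"name": "deny 102 -> 100",
     "clients": (IP("192.168.102.1"), IP("192.168.102.254")),
     "dests": (IP("192.168.100.1"), IP("192.168.100.254"))},
]

def lat_coverage(rng, lat):
    """Return 'full', 'partial' or 'none': how much of rng lies in the LAT."""
    first, last = int(rng[0]), int(rng[1])
    merged = []  # merge LAT ranges so overlaps are not counted twice
    for lo, hi in sorted((int(a), int(b)) for a, b in lat):
        if merged and lo <= merged[-1][1] + 1:
            merged[-1][1] = max(merged[-1][1], hi)
        else:
            merged.append([lo, hi])
    covered = sum(max(0, min(last, hi) - max(first, lo) + 1)
                  for lo, hi in merged)
    total = last - first + 1
    return "full" if covered == total else "partial" if covered else "none"

def audit(rules, lat):
    """Map each rule name to a verdict about the LAT-to-LAT exemption."""
    verdicts = {}
    for rule in rules:
        c = lat_coverage(rule["clients"], lat)
        d = lat_coverage(rule["dests"], lat)
        if c == d == "full":
            verdicts[rule["name"]] = "never applied: both ends in LAT"
        elif c != "none" and d != "none":
            verdicts[rule["name"]] = "partly bypassed: some pairs LAT-to-LAT"
        else:
            verdicts[rule["name"]] = "not LAT-to-LAT"
    return verdicts

if __name__ == "__main__":
    for name, verdict in audit(RULES, LAT).items():
        print(f"{name}: {verdict}")
```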

