Re: Security Between Internal Subnets/Interfaces

  • From: "Jim Harrison" <jim@xxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Thu, 18 Jul 2002 20:08:01 -0700

ISA doesn't filter traffic within the LAT.

Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/authors/harrison/
Read the books!

----- Original Message ----- 
From: "William Holmes" <wtholmes@xxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Tuesday, July 16, 2002 8:13 PM
Subject: [isalist] Security Between Internal Subnets/Interfaces


Hello,

I have a Tri-Homed ISA Server.

Interface #1    External [192.168.100.1]
Interface #2    Internal [192.168.101.1]
Interface #3    Internal [192.168.102.1]

The addresses on Both Interface 2 & 3 have been added to the LAT.

I have a Site & Content Rule that permits any request to All External
Destinations.

I also have a protocol rule that applies to All IP Traffic and Any
Request.

Next I Create a Destination Set that includes the network addresses from
[192.168.101.1] through [192.168.101.254], and a Client Address Set that
includes the addresses from [192.168.102.1] through [192.168.102.254].

Finally I created a site and content rule that denies all traffic
originating on the client address set that is destined for the
Destination set.

Unfortunately all the traffic gets through anyway. Could someone point
out what I am doing wrong?

Thanks

Bill
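
An added example, not part of either message and not ISA Server code: a small check that models only the statement in the reply above (ISA doesn't filter traffic within the LAT) and reports whether a deny rule's client and destination address sets fall inside the LAT. The LAT contents (the two /24 networks behind interfaces 2 and 3) and all function names are assumptions made for illustration.

```python
import ipaddress as ip

def cidrs(first, last):
    """Turn an inclusive address range into a list of CIDR blocks."""
    return list(ip.summarize_address_range(ip.ip_address(first),
                                           ip.ip_address(last)))

def lat_coverage(blocks, lat):
    """Classify an address set as 'inside', 'outside' or 'mixed' vs the LAT."""
    lat = list(ip.collapse_addresses(lat))  # merge adjacent LAT entries first
    inside = [any(b.subnet_of(n) for n in lat) for b in blocks]
    touches = [any(b.overlaps(n) for n in lat) for b in blocks]
    if all(inside):
        return "inside"
    if not any(touches):
        return "outside"
    return "mixed"

def rule_effect(client_range, dest_range, lat):
    """Say whether a rule between two address sets is ever evaluated.

    Model (from the reply): traffic whose source and destination are both
    in the LAT is not filtered, so a rule between such sets has no effect.
    """
    src = lat_coverage(cidrs(*client_range), lat)
    dst = lat_coverage(cidrs(*dest_range), lat)
    if src == dst == "inside":
        return "bypassed"          # every src/dst pair is LAT-to-LAT
    if "outside" in (src, dst):
        return "evaluated"         # no src/dst pair is LAT-to-LAT
    return "partly bypassed"       # some pairs are LAT-to-LAT

# Assumed LAT: the networks behind interfaces #2 and #3 from the question.
LAT = [ip.ip_network("192.168.101.0/24"), ip.ip_network("192.168.102.0/24")]

# The deny rule from the question: client address set -> destination set.
DENY_RULE = (("192.168.102.1", "192.168.102.254"),
             ("192.168.101.1", "192.168.101.254"))

if __name__ == "__main__":
    print("deny rule from the question:", rule_effect(*DENY_RULE, LAT))
```
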
