Re: Think outside the GUI challenge #1

  • From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Thu, 29 Dec 2005 11:36:24 -0600

1. Because 10.0.0.0/8 is already taken
2. Dunno
3. Use 255.255.255.255
4. Can say here, there are ladies reading.

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
**Who is John Galt?**

 

> -----Original Message-----
> From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] 
> Sent: Thursday, December 29, 2005 11:13 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Re: Think outside the GUI challenge #1
> 
> http://www.ISAserver.org
> 
> I smell an xNIX geek among us.
> :-p
> 
> Correct.  The actual command lines would be:
> - netsh int ip add addr north 10.0.0.1 255.255.255.0
> 
> (without RRAS)
> - route -p add 10.0.0.0 mask 255.255.255.0 10.0.0.1
> 
> (with RRAS)
> - netsh routing ip add persistentroute dest=10.0.0.0 
> mask=255.255.255.0 name="North" nhop=10.0.0.1 proto=NONDOD    
>  preference=0 metric=1 view=both
> - netsh routing ip set persistentroute dest=10.0.0.0 
> mask=255.255.255.0 name="North" nhop=10.0.0.1 proto=NONDOD    
>  preference=0 metric=1 view=both
> 
> ..now, for the extra points questions:
> Ep1 - why doesn't it work without adding the route commands 
> *as specified*?
> Ep2 - why are the routing table command different with & without RRAS?
> Ep3 - how would you modify the commands to restrict the 
> acceptable IP range?
> Ep4 - what does my daughter's phone number spell?
> 
> --------------------------------------------
> Jim Harrison
> MCP(NT4, W2K), A+, Network+, PCG
> http://isaserver.org/Jim_Harrison/
> http://isatools.org
> Read the help / books / articles!
> --------------------------------------------
> 
> -----Original Message-----
> From: Roy Tsao [mailto:roy_tsao@xxxxxxxxxxxx] 
> Sent: Thursday, December 29, 2005 7:34 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Re: Think outside the GUI challenge #1
> 
> http://www.ISAserver.org
> 
> #1?Fbind static ip 10.0.0.X/24 at CLI
>     also add a static route 10.0.0.0/24 gateway 10.0.0.X/24 at CLI
> 
> > Remember; this is the "out of the GUI" challenge.
> > How would you accomplish item 1 from the command line?
> > 
> > Also, it still won't work (incomplete).
> > What other non-ISA, non-GUI steps must be taken?
> > 
> > #2 answered correctly.
> > 
> > --------------------------------------------
> > Jim Harrison
> > MCP(NT4, W2K), A+, Network+, PCG
> > http://isaserver.org/Jim_Harrison/
> > http://isatools.org
> > Read the help / books / articles!
> > --------------------------------------------
> > 
> > -----Original Message-----
> > From: Roy Tsao [mailto:roy_tsao@xxxxxxxxxxxx] 
> > Sent: Wednesday, December 28, 2005 11:07 AM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] Re: Think outside the GUI challenge #1
> > 
> > http://www.ISAserver.org
> > 
> > 
> > 1) Bind a additional static IP 10.0.0.X/24 to ISA External Interface
> > 2) In case of dynamic IP, static IP can't assign as per 1)
> > 
> > 
> > > Merry Xmas & Happy New Year!
> > > 
> > > In the spirit of giving, here's a "think outside the GUI" 
> challenge
> > for
> > > you.
> > >  
> > > Scenario:
> > > - ISA is connected directly to the Internet via a "manageable" DSL
> > > bridge
> > > - ISA uses 123.123.123.123/24 static external IP; DG = 
> 123.123.123.1
> > > - Internal LAN uses 10.9.8.x/24
> > > - DSL bridge has unchangeable 10.0.0.2/24 internal IP
> > > - DSL bridge offers web-based management on that internal IP
> > > 
> > >   Internet
> > >      |
> > >       DSL Bridge
> > >          |- 10.0.0.2/24
> > >      |- 123.123.123.123/24
> > >         ISA
> > >          |- 10.9.8.x/24
> > >     LAN
> > > 
> > > Note:
> > > - The DSL bridge internal IP is irrelevant to normal 
> Internet access.
> > > Because it's operating in "bridge" (as opposed to NAT) mode, it's
> > > effectively transparent to the ISA for Internet traffic.
> > > 
> > > Challenges:
> > > 1. Allow either ISA-local or ISA-internal to access the 
> DSL bridge web
> > > interface
> > > 2. Explain why the correct solution is impossible to 
> implement if the
> > > ISP provides a dynamic IP.
> > > 
> > > Hint:
> > > - The core of the solution has nothing whatsoever to do with ISA
> > itself.
> > > 
> > > --------------------------------------------
> > > Jim Harrison
> > > MCP(NT4, W2K), A+, Network+, PCG
> > > http://isaserver.org/Jim_Harrison/
> > > http://isatools.org
> > > Read the help / books / articles!
> > > --------------------------------------------
> > > 
> > > 
> > > All mail to and from this domain is GFI-scanned.
> > 
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org 
> Discussion List as:
> > jim@xxxxxxxxxxxx
> > To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> > 
> > All mail to and from this domain is GFI-scanned.
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion 
> List as: jim@xxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> All mail to and from this domain is GFI-scanned.
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion 
> List as: tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
>

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 12-2005