Hi John, Good point. The upsteam router needs to be aware of the DMZ segment. The upsteam router needs to be configured with a route to the DMZ network ID and use the IP address on the external interface of the ISA Server as the gateway address in the route. Thanks! Tom Thomas W Shinder www.isaserver.org/shinder ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp -----Original Message----- From: John Tolmachoff [mailto:isalist@xxxxxxxxxxxx] Sent: Monday, February 03, 2003 9:31 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Trihomed DMZ http://www.ISAserver.org Have you implemented routing to the DMZ at the router before ISA? John Tolmachoff MCSE, CSSA IT Manager, Network Engineer RelianceSoft, Inc. Fullerton, CA 92835 www.reliancesoft.com > -----Original Message----- > From: Mark Wrightson [mailto:mark.wrightson@xxxxxxxxxxxxxxxx] > Sent: Monday, February 03, 2003 7:15 AM > To: [ISAserver.org Discussion List] > Subject: [isalist] Trihomed DMZ > > http://www.ISAserver.org > > > Have setup a Trihomed DMZ as per Tom Shinders book (ISA Server and Beyond) > > Public addresses on DMZ interface (Have treble checked all the ip address > / mask / gateway settings on all interfaces as per book) > > Am trying make a web sever available on the DMZ as per instructions. I.E. > Am creating a filter to allow access both ways to port 80 on the server > from and request. Have enabled IP routing within ISA. It doesn't work. > > Can publish the server via publishing rule but not via filter. Can setup > filters which work to the ISA server itself but not to the DMZ. > > Nothing seems to be being routed to the DMZ. Can ping server on DMZ from > the ISA Servers or clients on the private network. > > Do I need to do anthing in RRAS (NAT / Routes ?) > > Anybody have ant ideas ? > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Exchange Server Resource Site: http://www.msexchange.org/ > Windows Security Resource Site: http://www.windowsecurity.com/ > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > isalist@xxxxxxxxxxxx > To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')