RE: Upstream router and DMZ configuration...confused~~!!

• From: "JosephK" <josephk@xxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Thu, 23 Jun 2005 21:56:21 -0700

I'm going to put my phone in the DMZ. um, I wonder if that will work?
I really like having an internal DMZ.  I've learned a lot about that 
on these lists!
Thanks all!

Joseph

-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] 
Sent: Thursday, June 23, 2005 9:57 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Upstream router and DMZ
configuration...confused~~!!

http://www.ISAserver.org


The other question is "why do you feel the need to place that in a DMZ?"
ISA can protect it on the internal net without all that noise...

-----Original Message-----
From: MarvinC [mailto:marvinc@xxxxxxxxx] 
Sent: Thursday, June 23, 2005 6:20 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Upstream router and DMZ
configuration...confused~~!!

http://www.ISAserver.org

One W2K3 server that I plan to install Exchange 2003 on and use as an
OWA front-end server. I may opt to add my web server later on.

On 6/23/05, Thomas W Shinder <tshinder@xxxxxxxxxxx> wrote:
> http://www.ISAserver.org
> 
> Hi Marvin,
> What resources do you have in the DMZ?
> Thanks!
> 
> Tom
> www.isaserver.org/shinder
> Tom and Deb Shinder's Configuring ISA Server 2004
> http://tinyurl.com/3xqb7
> MVP -- ISA Firewalls
> 
> 
> 
> > -----Original Message-----
> > From: MarvinC [mailto:marvinc@xxxxxxxxx]
> > Sent: Thursday, June 23, 2005 1:13 AM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: Upstream router and DMZ
> > configuration...confused~~!!
> >
> > http://www.ISAserver.org
> >
> > Ok so this leaves me with the following:
> >
> > Internal:
> > IP: 10.0.0.x
> > Subnet: 255.0.0.x
> > GW:
> > DNS: IP of internal DNS server.
> >
> > DMZ:
> > IP: 172.16.0.x
> > Subnet: 255.0.0.x
> > GW:
> >
> > External: ISP Static IP
> > IP: 70.148.240.122
> > Subnet: 255.255.255.248
> > GW: 70.148.240.121
> >
> > Dial Up: BellSouth Connection
> >
> > Now comes the newbie questions:
> >
> > 1. Do I need to create any records or zones for the DMZ on the
> > internal DNS server?
> >
> >
> > On 6/23/05, Jim Harrison <Jim@xxxxxxxxxxxx> wrote:
> > > http://www.ISAserver.org
> > >
> > > Hi Marvin,
> > >
> > > You dun a bad ting.
> > > 1. Ditch the GW on the DMZ interface - it's non-functional.
> > > 2. Unless you plan to lose lots of hair, you've failed to meet the
> > > "public address" part of the DMZ network
> > > 3. The static route Tom refers to is at the router, not the
> > ISA.  ISA in
> > > effect becomes "another hop in the chain" between the ISP router
and
> > > your DMZ.
> > > 4. Based on your IP setting, you don't have enough IPs to create a
> > > public DMZ.  Your /29 address space only provides 6 usable
> > addresses;
> > > not enough to subnet off for a DMZ.
> > >
> > > -----Original Message-----
> > > From: MarvinC [mailto:marvinc@xxxxxxxxx]
> > > Sent: Wednesday, June 22, 2005 9:51 PM
> > > To: [ISAserver.org Discussion List]
> > > Subject: [isalist] Upstream router and DMZ
> > configuration...confused~~!!
> > >
> > > http://www.ISAserver.org
> > >
> > > I've asked this question before but it was under different
> > > circumstances so I need to try again for further clarification.
> > > This may seem like a "dumb question" but it's one I have to ask so
> > > please accept my apologizes in advance if anyone's bothered by it.
> > > I have the Configuring ISA 2004 book and I'm reading an article in
> > > Chapter 7 entitled "Creating and configuring a public address
> > > tri-homed DMZ Network". I have on my ISA2K box three (3) network
> > > adapters with the following settings in the following order:
> > >
> > > Internal:
> > > IP: 10.0.0.x
> > > Subnet: 255.0.0.x
> > > GW:
> > > DNS: IP of internal DNS server.
> > >
> > > DMZ:
> > > IP: 172.16.0.x
> > > Subnet: 255.0.0.x
> > > GW: 172.16.0.1
> > > DNS: 172.16.0.1
> > >
> > > External: ISP Static IP
> > > IP: 70.148.240.122
> > > Subnet: 255.255.255.248
> > > GW: 70.148.122.121
> > >
> > > There is mention in the book on creating static routes to
> > the upstream
> > > router to ensure communication between the networks. I'm
> > not sure what
> > > the upstream router is and need clarification. Is this a
> > seperate unit
> > > functioning as a router or is this the ISA server? Where do I
enter
> > > this command and is this the correct syntax for the command:
> > >
> > > router add 172.16.0.0 add 172.16.0.0 0 mask 255.255.0.0
192.168.1.20
> > >
> > > Would anyone have any links or articles that cover static routes
as
> > > they relate to ISA2K4? I'm also trying to determine if the
external
> > > interface consititutes as a public address?
> > > ANY responses are greatly appreciated. ANY!!!
> > >
> > > ------------------------------------------------------
> > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > ------------------------------------------------------
> > > Other Internet Software Marketing Sites:
> > > World of Windows Networking: http://www.windowsnetworking.com
> > > Leading Network Software Directory: http://www.serverfiles.com
> > > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > > Windows Security Resource Site: http://www.windowsecurity.com/
> > > Network Security Library: http://www.secinf.net/
> > > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org
> > Discussion List as:
> > > jim@xxxxxxxxxxxx
> > > To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > Report abuse to listadmin@xxxxxxxxxxxxx
> > >
> > > All mail to and from this domain is GFI-scanned.
> > >
> > >
> > > ------------------------------------------------------
> > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > ------------------------------------------------------
> > > Other Internet Software Marketing Sites:
> > > World of Windows Networking: http://www.windowsnetworking.com
> > > Leading Network Software Directory: http://www.serverfiles.com
> > > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > > Windows Security Resource Site: http://www.windowsecurity.com/
> > > Network Security Library: http://www.secinf.net/
> > > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org
> > Discussion List as: marvinc@xxxxxxxxx
> > > To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > Report abuse to listadmin@xxxxxxxxxxxxx
> > >
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Other Internet Software Marketing Sites:
> > World of Windows Networking: http://www.windowsnetworking.com
> > Leading Network Software Directory: http://www.serverfiles.com
> > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > Windows Security Resource Site: http://www.windowsecurity.com/
> > Network Security Library: http://www.secinf.net/
> > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion
> > List as: tshinder@xxxxxxxxxxxxxxxxxx
> > To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> >
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
marvinc@xxxxxxxxx
> To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

All mail to and from this domain is GFI-scanned.


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
josephk@xxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts:

• » Upstream router and DMZ configuration...confused~~!!
• » RE: Upstream router and DMZ configuration...confused~~!!
• » RE: Upstream router and DMZ configuration...confused~~!!
• » RE: Upstream router and DMZ configuration...confused~~!!
• » RE: Upstream router and DMZ configuration...confused~~!!
• » RE: Upstream router and DMZ configuration...confused~~!!
• » RE: Upstream router and DMZ configuration...confused~~!!
• » RE: Upstream router and DMZ configuration...confused~~!!
• » RE: Upstream router and DMZ configuration...confused~~!!
• » RE: Upstream router and DMZ configuration...confused~~!!
• » RE: Upstream router and DMZ configuration...confused~~!!
• » RE: Upstream router and DMZ configuration...confused~~!!
• » RE: Upstream router and DMZ configuration...confused~~!!
• » RE: Upstream router and DMZ configuration...confused~~!!
• » RE: Upstream router and DMZ configuration...confused~~!!
• » RE: Upstream router and DMZ configuration...confused~~!!
• » RE: Upstream router and DMZ configuration...confused~~!!
• » RE: Upstream router and DMZ configuration...confused~~!!
• » RE: Upstream router and DMZ configuration...confused~~!!

1. Home
2. isalist
3. Archive
4. 06-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---