Ok so this leaves me with the following: Internal: IP: 10.0.0.x Subnet: 255.0.0.x GW: DNS: IP of internal DNS server. DMZ: IP: 172.16.0.x Subnet: 255.0.0.x GW: External: ISP Static IP IP: 70.148.240.122 Subnet: 255.255.255.248 GW: 70.148.240.121 Dial Up: BellSouth Connection Now comes the newbie questions: 1. Do I need to create any records or zones for the DMZ on the internal DNS server? On 6/23/05, Jim Harrison <Jim@xxxxxxxxxxxx> wrote: > http://www.ISAserver.org > > Hi Marvin, > > You dun a bad ting. > 1. Ditch the GW on the DMZ interface - it's non-functional. > 2. Unless you plan to lose lots of hair, you've failed to meet the > "public address" part of the DMZ network > 3. The static route Tom refers to is at the router, not the ISA. ISA in > effect becomes "another hop in the chain" between the ISP router and > your DMZ. > 4. Based on your IP setting, you don't have enough IPs to create a > public DMZ. Your /29 address space only provides 6 usable addresses; > not enough to subnet off for a DMZ. > > -----Original Message----- > From: MarvinC [mailto:marvinc@xxxxxxxxx] > Sent: Wednesday, June 22, 2005 9:51 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] Upstream router and DMZ configuration...confused~~!! > > http://www.ISAserver.org > > I've asked this question before but it was under different > circumstances so I need to try again for further clarification. > This may seem like a "dumb question" but it's one I have to ask so > please accept my apologizes in advance if anyone's bothered by it. > I have the Configuring ISA 2004 book and I'm reading an article in > Chapter 7 entitled "Creating and configuring a public address > tri-homed DMZ Network". I have on my ISA2K box three (3) network > adapters with the following settings in the following order: > > Internal: > IP: 10.0.0.x > Subnet: 255.0.0.x > GW: > DNS: IP of internal DNS server. > > DMZ: > IP: 172.16.0.x > Subnet: 255.0.0.x > GW: 172.16.0.1 > DNS: 172.16.0.1 > > External: ISP Static IP > IP: 70.148.240.122 > Subnet: 255.255.255.248 > GW: 70.148.122.121 > > There is mention in the book on creating static routes to the upstream > router to ensure communication between the networks. I'm not sure what > the upstream router is and need clarification. Is this a seperate unit > functioning as a router or is this the ISA server? Where do I enter > this command and is this the correct syntax for the command: > > router add 172.16.0.0 add 172.16.0.0 0 mask 255.255.0.0 192.168.1.20 > > Would anyone have any links or articles that cover static routes as > they relate to ISA2K4? I'm also trying to determine if the external > interface consititutes as a public address? > ANY responses are greatly appreciated. ANY!!! > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > World of Windows Networking: http://www.windowsnetworking.com > Leading Network Software Directory: http://www.serverfiles.com > No.1 Exchange Server Resource Site: http://www.msexchange.org > Windows Security Resource Site: http://www.windowsecurity.com/ > Network Security Library: http://www.secinf.net/ > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > jim@xxxxxxxxxxxx > To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > All mail to and from this domain is GFI-scanned. > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > World of Windows Networking: http://www.windowsnetworking.com > Leading Network Software Directory: http://www.serverfiles.com > No.1 Exchange Server Resource Site: http://www.msexchange.org > Windows Security Resource Site: http://www.windowsecurity.com/ > Network Security Library: http://www.secinf.net/ > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > marvinc@xxxxxxxxx > To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx >