One more thing, (I know replying to myself is a pretty bad habit on a mailing list), I would like to mention that they were using ISA 2000 back then, and relied on the LAT table to get this to work -- install was done by using the loopback card as a temporary measure so the configuration should be done -- now they migrated to 2004 and want to keep the same setup. Don't give me the dirty looks, I am just trying to convince them that their setup is crap. -----Message d'origine----- De : Alexandre Gauthier [mailto:gauthiera@xxxxxxxxxxxxxxxxx] Envoyé : 29 août 2005 14:21 À : [ISAserver.org Discussion List] Objet : [isalist] Re: Use two NICs? Convince me. http://www.ISAserver.org Yes. Not supported -- but it works... I'd like to understand why, if it is not supposed to work at all, it works? Please someone enlighten me. It does works, I have a fine example sitting over there. So far my client would not be convinced, the exchange would go like this: Me: "Well, it is not supposed to be that way." Him: "... But it works, right?" Me: "Well... yeah, but it says the feature is not available." Him: "Well, it works, and has worked for the past two years." Me: "..." Hardly convincing... -----Message d'origine----- De : JimmyJoeBobAlooba [mailto:jim@xxxxxxxxxxxx] Envoyé : 29 août 2005 14:16 À : [ISAserver.org Discussion List] Objet : [isalist] Re: Use two NICs? Convince me. http://www.ISAserver.org NOT SUPPORTED I don't think I can be any more clear... ----- Original Message ----- From: "Alexandre Gauthier" <gauthiera@xxxxxxxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Monday, August 29, 2005 11:08 AM Subject: [isalist] Re: Use two NICs? Convince me. http://www.ISAserver.org No, not really. I wish they were though. Quote: The following features are not available when ISA Server 2004 is configured in single network adapter mode: * IP packet filtering * Multi-network firewall policy * Application-level filtering * Virtual private networking * Server publishing * Firewall clients However, Firewall clients and IP packet filter seem to indeed be working. And they have been working for years. It's not like it was set up yesterday and I am wondering why I doesn't work... -----Message d'origine----- De : JimmyJoeBobAlooba [mailto:jim@xxxxxxxxxxxx] Envoyé : 29 août 2005 14:03 À : [ISAserver.org Discussion List] Objet : [isalist] Re: Use two NICs? Convince me. http://www.ISAserver.org KBs are your friend: http://support.microsoft.com/?id=838364 http://support.microsoft.com/?id=840471 ----- Original Message ----- From: "Alexandre Gauthier" <gauthiera@xxxxxxxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Monday, August 29, 2005 10:56 AM Subject: [isalist] Use two NICs? Convince me. http://www.ISAserver.org Greetings, Would anyone be so kind as to attempt to convince me that I *need* two network cards in my ISA 2004 firewall over here? (now please note that I did not design this network.) The configuration is made like this. The servers and the local LAN share one subnet (192.168.10.0/24) and are all behind a netscreen firewall. Somewhere among the servers is a single nic ISA 2004 server with a gateway (the netscreen). The client workstations use the Firewall client to connect to the internet, for they have no gateway, and even if they did, the netscreen is configure to only NAT out specific IPs. So far, it works. With a few hitches, but it works. We can add filtering rules for the client workstations, and restrict what we want. Why should I add another card and redesign part of the network that is already working? (I honestly did not do such a thing. I'd redesign it, but my client is not necessarily happy about this, and I need arguments.) -- Alexandre Gauthier Analyste Réseau/Network Analyst Québec Loisirs ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: gauthiera@xxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: gauthiera@xxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: gauthiera@xxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx