[isalist] Re: Verizon DSL & ISA Server 2004 Configuration!!!

• From: "John T \(Lists\)" <johnlist@xxxxxxxxxxxxxxxxxxx>
• To: <isalist@xxxxxxxxxxxxx>
• Date: Sat, 4 Nov 2006 10:00:23 -0800

http://www.ISAserver.org
-------------------------------------------------------

> The network segment between the NAT device's internal interface and the
> external interface of the ISA Firewall would be an anonymous access DMZ,
> so that untrusted WLAN clients can be placed there. You could even put
> trusted hosts there, and configure an ISA Firewall Network for that
> network segment and create a route relationship to extend the domain
> into that segment, if you like.

So, in other words, yes it does work but you have to take extra steps to
make it work and you have to have knowledge of routing subnets.

OK, so I take back what I said about it not working and replace that with
"It works but requires extra steps and if you do not get all the steps right
it will not work."

> There are lots of options, but I generally put WAPs behind the ISA
> Firewall, and never on the Internet gateway -- that's strickly SOHO, Kim
> Komando/Leo Laporte simpletonism ;)

Excellent analogy and why I would much rather tell some one it does not work
you should do it this way the correct way. I mean, how much does an extra
NIC for the ISA server and a Wireless access point to connect to it to make
a un-trusted DMZ off the ISA itself really cost? For the security it brings,
not much!

And yes, I cringe every time I hear Leo say "Your ISP's router is already
doing NAT which is a firewall so you should be fine."

John T
eServices For You

"Life is a succession of lessons which must be lived to be understood."
Ralph Waldo Emerson (1802-1882)


------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx

• Follow-Ups:
  • [isalist] Re: Verizon DSL & ISA Server 2004 Configuration!!!
    • From: Jim Harrison

• References:
  • [isalist] Re: Verizon DSL & ISA Server 2004 Configuration!!!
    • From: Thomas W Shinder

Other related posts:

• » [isalist] Verizon DSL & ISA Server 2004 Configuration!!!
• » [isalist] Re: Verizon DSL & ISA Server 2004 Configuration!!!
• » [isalist] Re: Verizon DSL & ISA Server 2004 Configuration!!!
• » [isalist] Re: Verizon DSL & ISA Server 2004 Configuration!!!
• » [isalist] Re: Verizon DSL & ISA Server 2004 Configuration!!!
• » [isalist] Re: Verizon DSL & ISA Server 2004 Configuration!!!
• » [isalist] Re: Verizon DSL & ISA Server 2004 Configuration!!!
• » [isalist] Re: Verizon DSL & ISA Server 2004 Configuration!!!
• » [isalist] Re: Verizon DSL & ISA Server 2004 Configuration!!!
• » [isalist] Re: Verizon DSL & ISA Server 2004 Configuration!!!
• » [isalist] Re: Verizon DSL & ISA Server 2004 Configuration!!!

1. Home
2. isalist
3. Archive
4. 11-2006

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---