[isalist] Re: Verizon DSL & ISA Server 2004 Configuration!!!
- From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Sat, 4 Nov 2006 10:35:49 -0800
http://www.ISAserver.org
-------------------------------------------------------
Remember the "think outside the GUI" problem I posed some months ago?
This is no different...
-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of John T (Lists)
Sent: Saturday, November 04, 2006 10:00 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Verizon DSL & ISA Server 2004 Configuration!!!
http://www.ISAserver.org
-------------------------------------------------------
> The network segment between the NAT device's internal interface and
> the external interface of the ISA Firewall would be an anonymous
> access DMZ, so that untrusted WLAN clients can be placed there. You
> could even put trusted hosts there, and configure an ISA Firewall
> Network for that network segment and create a route relationship to
> extend the domain into that segment, if you like.
So, in other words, yes it does work but you have to take extra steps to
make it work and you have to have knowledge of routing subnets.
OK, so I take back what I said about it not working and replace that
with "It works but requires extra steps and if you do not get all the
steps right it will not work."
> There are lots of options, but I generally put WAPs behind the ISA
> Firewall, and never on the Internet gateway -- that's strickly SOHO,
> Kim Komando/Leo Laporte simpletonism ;)
Excellent analogy and why I would much rather tell some one it does not
work you should do it this way the correct way. I mean, how much does an
extra NIC for the ISA server and a Wireless access point to connect to
it to make a un-trusted DMZ off the ISA itself really cost? For the
security it brings, not much!
And yes, I cringe every time I hear Leo say "Your ISP's router is
already doing NAT which is a firewall so you should be fine."
John T
eServices For You
"Life is a succession of lessons which must be lived to be understood."
Ralph Waldo Emerson (1802-1882)
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials:
http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
