RE: Which "Network Template" to apply?

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Mon, 5 Dec 2005 19:21:55 -0600

PL0nK.

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
**Who is John Galt?**

 

> -----Original Message-----
> From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx] 
> Sent: Monday, December 05, 2005 7:12 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Which "Network Template" to apply?
> 
> http://www.ISAserver.org
> 
> But how else are we to use "Go to my PC" to administer it?
> 
> -----
> "And yet, even if one person finds his way... that means
> there is a Way.  Even if I personally fail to reach it."
> 
> Mr. Nobusuke Tagomi
> Top Place, Ranking Imperial Trade Mission
> Pacific States of America
> 
> ----- Original Message ----- 
> From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Monday, December 05, 2005 4:16 PM
> Subject: [isalist] RE: Which "Network Template" to apply?
> 
> 
> http://www.ISAserver.org
> 
> Do.
> Not..
> Host...
> Web....
> Sites.....
> On..........
> Firewalls....
> EVER.
> 
> Thomas W Shinder, M.D.
> Site: www.isaserver.org
> Blog: http://spaces.msn.com/members/drisa/
> Book: http://tinyurl.com/3xqb7
> MVP -- ISA Firewalls
> **Who is John Galt?**
> 
> 
> 
> > -----Original Message-----
> > From: Marty Nelson [mailto:MNelson@xxxxxxxxxxxx]
> > Sent: Monday, December 05, 2005 4:21 PM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: Which "Network Template" to apply?
> >
> > http://www.ISAserver.org
> >
> > I swear it must be me that makes things harder than they need to be.
> > Seriously, this kind of stuff always happens to me.
> >
> > That being said, I've had a breakthrough.  What I was 
> trying to do was
> > have any requests for www.whatever.com/folder reverse proxy 
> back to my
> > internal site.  Now let me say this, www.whatever.com is
> > being hosted on
> > the ISA box, and no matter what I did I could not get the /folder to
> > reverse proxy.  What I did as a test was shutdown 
> www.whatever.com and
> > create a publishing rule that directed any traffic to the 
> whatever.com
> > IP address to my internal site, and it worked!
> >
> > Now, all of that being said, can I not do what I was trying to do
> > originally?  Meaning, can I not have ISA listen for requests to
> > www.whatever.com/folder, and reverse only those requests?
> >
> > Thanks again,
> >
> > Marty
> >
> > -----Original Message-----
> > From: Steve Moffat [mailto:steve@xxxxxxxxxx]
> > Sent: Monday, December 05, 2005 2:03 PM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: Which "Network Template" to apply?
> >
> > http://www.ISAserver.org
> >
> > It isn't....normally
> >
> > -----Original Message-----
> > From: Marty Nelson [mailto:MNelson@xxxxxxxxxxxx]
> > Sent: Monday, December 05, 2005 5:23 PM
> > To: ISA Mailing List
> > Subject: [isalist] RE: Which "Network Template" to apply?
> >
> >
> > http://www.ISAserver.org
> >
> > Steve while I appreciate the post, what I don't think I've 
> conveyed is
> > that I've done what you've suggested, and I just cannot get
> > it to work.
> > What I am trying to do here is figure out what exactly I'm 
> doing wrong
> > so I can remedy it.  Believe me; I had no idea that setting
> > up a reverse
> > proxy in ISA was this difficult.
> >
> > -----Original Message-----
> > From: Steve Moffat [mailto:steve@xxxxxxxxxx]
> > Sent: Monday, December 05, 2005 12:56 PM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: Which "Network Template" to apply?
> >
> > http://www.ISAserver.org
> >
> >  Geez...
> >
> > forward port 80 from the BSD FW to the ISA, publish your 
> website using
> > the web publishing wizard.
> >
> > From the external nic (10.) to the published website, which
> > can be an IP
> > address or an fqdn if you have it in your dns and isa has an
> > allow rule
> > for dns, or by hosts file.
> >
> > S
> >
> > Looks like a lot of reading is required beforehand first of almmend
> > buying Tom's books on ISA.
> >
> > ________________________________
> >
> > From: Marty Nelson [mailto:MNelson@xxxxxxxxxxxx]
> > Sent: Monday, December 05, 2005 4:43 PM
> > To: ISA Mailing List
> > Subject: [isalist] RE: Which "Network Template" to apply?
> >
> >
> > http://www.ISAserver.org
> >
> >
> > Thanks Tom.
> >
> >
> >
> > Your paper on "Playing well with others" all but describes what I'm
> > trying to do in the section titled "The ISA Firewall in a PIX DMZ
> > Configuration".  What I am so utterly unclear on is how to
> > implement it.
> > Like I mentioned earlier, I have two interfaces.  One on 
> the 10. range
> > which is in my BSD's DMZ and one in the 192. range that's in
> > my internal
> > network.
> >
> >
> >
> > When I view my Networks, what should I have under the "Internal
> > Networks"?  I would assume just my 192.168 range?  That's not even
> > getting into successfully publishing my internal web server.
> >
> >
> >
> > ________________________________
> >
> > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
> > Sent: Monday, December 05, 2005 11:21 AM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: Which "Network Template" to apply?
> >
> >
> >
> > http://www.ISAserver.org
> >
> > Hi Marty,
> >
> >
> >
> > Edge firewall is what I would use. Then search the 
> ISAserver.org site
> > for PIX for deployment scenario info.
> >
> >
> >
> > HTH,
> >
> > Tom
> >
> >
> >
> > Thomas W Shinder, M.D.
> > Site: www.isaserver.org <http://www.isaserver.org/>
> > Blog: http://spaces.msn.com/members/drisa/
> > Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
> > MVP -- ISA Firewalls
> > **Who is John Galt?**
> >
> >
> >
> >
> >
> > ________________________________
> >
> > From: Marty Nelson [mailto:MNelson@xxxxxxxxxxxx]
> > Sent: Monday, December 05, 2005 1:17 PM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: Which "Network Template" to apply?
> >
> > http://www.ISAserver.org
> >
> > Hi Tom;
> >
> >
> >
> > I only have two NIC's installed, so I take it that I'm using the
> > wrong template, and have switched it back to the default, which was
> > "Edge Firewall".  Which is the best to use if I'm trying to reverse
> > proxy an internal server?
> >
> >
> >
> > Here's how my server's currently setup:
> >
> >
> >
> > NIC1: 10.100.2.15 (in DMZ, although still behind main OpenBSD
> > firewall)
> >
> > NIC2: 192.168.2.29 (in company's internal network, behind
> > OpenBSD firewall)
> >
> >
> >
> > Thanks,
> >
> >
> >
> > Marty
> >
> >
> >
> > ________________________________
> >
> > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
> > Sent: Monday, December 05, 2005 10:59 AM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: Which "Network Template" to apply?
> >
> >
> >
> > http://www.ISAserver.org
> >
> > Hi Marty,
> >
> >
> >
> > For reverse proxy, I'd only do two NICs. What's the third NIC
> > for?
> >
> >
> >
> > tom
> >
> >
> >
> > Thomas W Shinder, M.D.
> > Site: www.isaserver.org <http://www.isaserver.org/>
> > Blog: http://spaces.msn.com/members/drisa/
> > Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
> > MVP -- ISA Firewalls
> > **Who is John Galt?**
> >
> >
> >
> >
> >
> > ________________________________
> >
> > From: Marty Nelson
> > [mailto:MNelson@xxxxxxxxxxxx]
> > Sent: Monday, December 05, 2005 12:41 PM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] Which "Network Template" to apply?
> >
> > http://www.ISAserver.org
> >
> > Good Monday all.  I'm wondering which template should I
> > be using in the following configuration?  Currently it's
> > setup using the
> > "3-Leg Perimeter" template.
> >
> >
> >
> > My ISA server is in my DMZ, behind my company's main
> > OpenBSD firewall.  Ideally it will be used strictly as a 
> reverse proxy
> > (if I can ever get it to work!  Feel free to see my other
> > thread on that
> > bugger).
> >
> >
> >
> > Thanks,
> >
> >
> >
> > Marty
> >
> > ------------------------------------------------------
> > List Archives:
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter:
> > http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ:
> > http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other
> > sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org
> > Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx
> > To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> > ------------------------------------------------------
> > List Archives:
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter:
> > http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ:
> > http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion
> > List as: mnelson@xxxxxxxxxxxx
> > To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> > ------------------------------------------------------
> > List Archives:
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter:
> > http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ:
> > http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion
> > List as: tshinder@xxxxxxxxxxxxxxxxxx
> > To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org 
> Discussion List as:
> > mnelson@xxxxxxxxxxxx
> > To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org 
> Discussion List as:
> > isalist@xxxxxxxxxx
> > To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org 
> Discussion List as:
> > mnelson@xxxxxxxxxxxx
> > To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> >
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org 
> Discussion List as:
> > isalist@xxxxxxxxxx
> > To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org 
> Discussion List as:
> > mnelson@xxxxxxxxxxxx
> > To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> >
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion
> > List as: tshinder@xxxxxxxxxxxxxxxxxx
> > To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> >
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion 
> List as: 
> thor@xxxxxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion 
> List as: tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> 

Other related posts:

• » Which "Network Template" to apply?
• » RE: Which "Network Template" to apply?
• » RE: Which "Network Template" to apply?
• » RE: Which "Network Template" to apply?
• » RE: Which "Network Template" to apply?
• » RE: Which "Network Template" to apply?
• » RE: Which "Network Template" to apply?
• » RE: Which "Network Template" to apply?
• » RE: Which "Network Template" to apply?
• » RE: Which "Network Template" to apply?
• » RE: Which "Network Template" to apply?
• » RE: Which "Network Template" to apply?
• » RE: Which "Network Template" to apply?
• » RE: Which "Network Template" to apply?
• » RE: Which "Network Template" to apply?
• » RE: Which "Network Template" to apply?
• » RE: Which "Network Template" to apply?
• » RE: Which "Network Template" to apply?
• » RE: Which "Network Template" to apply?

1. Home
2. isalist
3. Archive
4. 12-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---