RE: Which "Network Template" to apply?
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 5 Dec 2005 19:22:12 -0600
Onions?
Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
**Who is John Galt?**
> -----Original Message-----
> From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
> Sent: Monday, December 05, 2005 7:13 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Which "Network Template" to apply?
>
> http://www.ISAserver.org
>
> What am I, chopped liver?
>
> -----
> "And yet, even if one person finds his way... that means
> there is a Way. Even if I personally fail to reach it."
>
> Mr. Nobusuke Tagomi
> Top Place, Ranking Imperial Trade Mission
> Pacific States of America
>
> ----- Original Message -----
> From: "Steve Moffat" <steve@xxxxxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Monday, December 05, 2005 3:00 PM
> Subject: [isalist] RE: Which "Network Template" to apply?
>
>
> http://www.ISAserver.org
>
> In fact, and I expect some backup here Doc and Jim.........you should
> set it up as your primary firewall correctly and use the linux box for
> your sharepoint sites ...:)
>
> S
>
> -----Original Message-----
> From: Marty Nelson [mailto:MNelson@xxxxxxxxxxxx]
> Sent: Monday, December 05, 2005 6:51 PM
> To: ISA Mailing List
> Subject: [isalist] RE: Which "Network Template" to apply?
>
>
> http://www.ISAserver.org
>
> Geez, that was helpful....thanks
>
> Perhaps I should elaborate on what this computer's purpose
> is. It is to
> host a sharepoint site, and provide access to an internal web
> server via
> reverse proxy, that's it. It's not to be used as a firewall in any
> sense, strictly as a reverse proxy. ISA was installed because of its
> reverse proxy capabilities when used in conjunction with IIS. While I
> think ISA's a great product, it's totally wasted on this project. So
> forgive me if I'm breaking the rules by running a web server on an ISA
> server.
>
> Marty
>
> -----Original Message-----
> From: Steve Moffat [mailto:steve@xxxxxxxxxx]
> Sent: Monday, December 05, 2005 2:26 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Which "Network Template" to apply?
>
> http://www.ISAserver.org
>
> Do not host websites on the isa server........geez
>
> Would you host websites on your bsd box???
>
> -----Original Message-----
> From: Marty Nelson [mailto:MNelson@xxxxxxxxxxxx]
> Sent: Monday, December 05, 2005 6:21 PM
> To: ISA Mailing List
> Subject: [isalist] RE: Which "Network Template" to apply?
>
>
> http://www.ISAserver.org
>
> I swear it must be me that makes things harder than they need to be.
> Seriously, this kind of stuff always happens to me.
>
> That being said, I've had a breakthrough. What I was trying to do was
> have any requests for www.whatever.com/folder reverse proxy back to my
> internal site. Now let me say this, www.whatever.com is
> being hosted on
> the ISA box, and no matter what I did I could not get the /folder to
> reverse proxy. What I did as a test was shutdown www.whatever.com and
> create a publishing rule that directed any traffic to the whatever.com
> IP address to my internal site, and it worked!
>
> Now, all of that being said, can I not do what I was trying to do
> originally? Meaning, can I not have ISA listen for requests to
> www.whatever.com/folder, and reverse only those requests?
>
> Thanks again,
>
> Marty
>
> -----Original Message-----
> From: Steve Moffat [mailto:steve@xxxxxxxxxx]
> Sent: Monday, December 05, 2005 2:03 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Which "Network Template" to apply?
>
> http://www.ISAserver.org
>
> It isn't....normally
>
> -----Original Message-----
> From: Marty Nelson [mailto:MNelson@xxxxxxxxxxxx]
> Sent: Monday, December 05, 2005 5:23 PM
> To: ISA Mailing List
> Subject: [isalist] RE: Which "Network Template" to apply?
>
>
> http://www.ISAserver.org
>
> Steve while I appreciate the post, what I don't think I've conveyed is
> that I've done what you've suggested, and I just cannot get
> it to work.
> What I am trying to do here is figure out what exactly I'm doing wrong
> so I can remedy it. Believe me; I had no idea that setting
> up a reverse
> proxy in ISA was this difficult.
>
> -----Original Message-----
> From: Steve Moffat [mailto:steve@xxxxxxxxxx]
> Sent: Monday, December 05, 2005 12:56 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Which "Network Template" to apply?
>
> http://www.ISAserver.org
>
> Geez...
>
> forward port 80 from the BSD FW to the ISA, publish your website using
> the web publishing wizard.
>
> From the external nic (10.) to the published website, which
> can be an IP
> address or an fqdn if you have it in your dns and isa has an
> allow rule
> for dns, or by hosts file.
>
> S
>
> Looks like a lot of reading is required beforehand first of almmend
> buying Tom's books on ISA.
>
> ________________________________
>
> From: Marty Nelson [mailto:MNelson@xxxxxxxxxxxx]
> Sent: Monday, December 05, 2005 4:43 PM
> To: ISA Mailing List
> Subject: [isalist] RE: Which "Network Template" to apply?
>
>
> http://www.ISAserver.org
>
>
> Thanks Tom.
>
>
>
> Your paper on "Playing well with others" all but describes what I'm
> trying to do in the section titled "The ISA Firewall in a PIX DMZ
> Configuration". What I am so utterly unclear on is how to
> implement it.
> Like I mentioned earlier, I have two interfaces. One on the 10. range
> which is in my BSD's DMZ and one in the 192. range that's in
> my internal
> network.
>
>
>
> When I view my Networks, what should I have under the "Internal
> Networks"? I would assume just my 192.168 range? That's not even
> getting into successfully publishing my internal web server.
>
>
>
> ________________________________
>
> From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
> Sent: Monday, December 05, 2005 11:21 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Which "Network Template" to apply?
>
>
>
> http://www.ISAserver.org
>
> Hi Marty,
>
>
>
> Edge firewall is what I would use. Then search the ISAserver.org site
> for PIX for deployment scenario info.
>
>
>
> HTH,
>
> Tom
>
>
>
> Thomas W Shinder, M.D.
> Site: www.isaserver.org <http://www.isaserver.org/>
> Blog: http://spaces.msn.com/members/drisa/
> Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
> MVP -- ISA Firewalls
> **Who is John Galt?**
>
>
>
>
>
> ________________________________
>
> From: Marty Nelson [mailto:MNelson@xxxxxxxxxxxx]
> Sent: Monday, December 05, 2005 1:17 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Which "Network Template" to apply?
>
> http://www.ISAserver.org
>
> Hi Tom;
>
>
>
> I only have two NIC's installed, so I take it that I'm using the
> wrong template, and have switched it back to the default, which was
> "Edge Firewall". Which is the best to use if I'm trying to reverse
> proxy an internal server?
>
>
>
> Here's how my server's currently setup:
>
>
>
> NIC1: 10.100.2.15 (in DMZ, although still behind main OpenBSD
> firewall)
>
> NIC2: 192.168.2.29 (in company's internal network, behind
> OpenBSD firewall)
>
>
>
> Thanks,
>
>
>
> Marty
>
>
>
> ________________________________
>
> From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
> Sent: Monday, December 05, 2005 10:59 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Which "Network Template" to apply?
>
>
>
> http://www.ISAserver.org
>
> Hi Marty,
>
>
>
> For reverse proxy, I'd only do two NICs. What's the third NIC
> for?
>
>
>
> tom
>
>
>
> Thomas W Shinder, M.D.
> Site: www.isaserver.org <http://www.isaserver.org/>
> Blog: http://spaces.msn.com/members/drisa/
> Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
> MVP -- ISA Firewalls
> **Who is John Galt?**
>
>
>
>
>
> ________________________________
>
> From: Marty Nelson
> [mailto:MNelson@xxxxxxxxxxxx]
> Sent: Monday, December 05, 2005 12:41 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Which "Network Template" to apply?
>
> http://www.ISAserver.org
>
> Good Monday all. I'm wondering which template should I
> be using in the following configuration? Currently it's
> setup using the
> "3-Leg Perimeter" template.
>
>
>
> My ISA server is in my DMZ, behind my company's main
> OpenBSD firewall. Ideally it will be used strictly as a reverse proxy
> (if I can ever get it to work! Feel free to see my other
> thread on that
> bugger).
>
>
>
> Thanks,
>
>
>
> Marty
>
> ------------------------------------------------------
> List Archives:
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter:
> http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ:
> http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other
> sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org
> Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> ------------------------------------------------------
> List Archives:
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter:
> http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ:
> http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion
> List as: mnelson@xxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> ------------------------------------------------------
> List Archives:
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter:
> http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ:
> http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion
> List as: tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> mnelson@xxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> isalist@xxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> mnelson@xxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> isalist@xxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> mnelson@xxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> isalist@xxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> mnelson@xxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> isalist@xxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion
> List as:
> thor@xxxxxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion
> List as: tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
Other related posts:
