Thanks Tom. Your paper on "Playing well with others" all but describes what I'm trying to do in the section titled "The ISA Firewall in a PIX DMZ Configuration". What I am so utterly unclear on is how to implement it. Like I mentioned earlier, I have two interfaces. One on the 10. range which is in my BSD's DMZ and one in the 192. range that's in my internal network. When I view my Networks, what should I have under the "Internal Networks"? I would assume just my 192.168 range? That's not even getting into successfully publishing my internal web server. ________________________________ From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: Monday, December 05, 2005 11:21 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Which "Network Template" to apply? http://www.ISAserver.org Hi Marty, Edge firewall is what I would use. Then search the ISAserver.org site for PIX for deployment scenario info. HTH, Tom Thomas W Shinder, M.D. Site: www.isaserver.org <http://www.isaserver.org/> Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> MVP -- ISA Firewalls **Who is John Galt?** ________________________________ From: Marty Nelson [mailto:MNelson@xxxxxxxxxxxx] Sent: Monday, December 05, 2005 1:17 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Which "Network Template" to apply? http://www.ISAserver.org Hi Tom; I only have two NIC's installed, so I take it that I'm using the wrong template, and have switched it back to the default, which was "Edge Firewall". Which is the best to use if I'm trying to reverse proxy an internal server? Here's how my server's currently setup: NIC1: 10.100.2.15 (in DMZ, although still behind main OpenBSD firewall) NIC2: 192.168.2.29 (in company's internal network, behind OpenBSD firewall) Thanks, Marty ________________________________ From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: Monday, December 05, 2005 10:59 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Which "Network Template" to apply? http://www.ISAserver.org Hi Marty, For reverse proxy, I'd only do two NICs. What's the third NIC for? tom Thomas W Shinder, M.D. Site: www.isaserver.org <http://www.isaserver.org/> Blog: http://spaces.msn.com/members/drisa/ Book: <http://tinyurl.com/3xqb7> http://tinyurl.com/3xqb7 MVP -- ISA Firewalls **Who is John Galt?** ________________________________ From: Marty Nelson [mailto:MNelson@xxxxxxxxxxxx] Sent: Monday, December 05, 2005 12:41 PM To: [ISAserver.org Discussion List] Subject: [isalist] Which "Network Template" to apply? http://www.ISAserver.org Good Monday all. I'm wondering which template should I be using in the following configuration? Currently it's setup using the "3-Leg Perimeter" template. My ISA server is in my DMZ, behind my company's main OpenBSD firewall. Ideally it will be used strictly as a reverse proxy (if I can ever get it to work! Feel free to see my other thread on that bugger). Thanks, Marty ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: mnelson@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: mnelson@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx