RE: Which "Network Template" to apply?
- From: "Marty Nelson" <MNelson@xxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 5 Dec 2005 12:43:27 -0800
Thanks Tom.
Your paper on "Playing well with others" all but describes what I'm
trying to do in the section titled "The ISA Firewall in a PIX DMZ
Configuration". What I am so utterly unclear on is how to implement it.
Like I mentioned earlier, I have two interfaces. One on the 10. range
which is in my BSD's DMZ and one in the 192. range that's in my internal
network.
When I view my Networks, what should I have under the "Internal
Networks"? I would assume just my 192.168 range? That's not even
getting into successfully publishing my internal web server.
________________________________
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
Sent: Monday, December 05, 2005 11:21 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Which "Network Template" to apply?
http://www.ISAserver.org
Hi Marty,
Edge firewall is what I would use. Then search the ISAserver.org site
for PIX for deployment scenario info.
HTH,
Tom
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
MVP -- ISA Firewalls
**Who is John Galt?**
________________________________
From: Marty Nelson [mailto:MNelson@xxxxxxxxxxxx]
Sent: Monday, December 05, 2005 1:17 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Which "Network Template" to apply?
http://www.ISAserver.org
Hi Tom;
I only have two NIC's installed, so I take it that I'm using the
wrong template, and have switched it back to the default, which was
"Edge Firewall". Which is the best to use if I'm trying to reverse
proxy an internal server?
Here's how my server's currently setup:
NIC1: 10.100.2.15 (in DMZ, although still behind main OpenBSD
firewall)
NIC2: 192.168.2.29 (in company's internal network, behind
OpenBSD firewall)
Thanks,
Marty
________________________________
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
Sent: Monday, December 05, 2005 10:59 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Which "Network Template" to apply?
http://www.ISAserver.org
Hi Marty,
For reverse proxy, I'd only do two NICs. What's the third NIC
for?
tom
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://spaces.msn.com/members/drisa/
Book: <http://tinyurl.com/3xqb7> http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
**Who is John Galt?**
________________________________
From: Marty Nelson [mailto:MNelson@xxxxxxxxxxxx]
Sent: Monday, December 05, 2005 12:41 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Which "Network Template" to apply?
http://www.ISAserver.org
Good Monday all. I'm wondering which template should I
be using in the following configuration? Currently it's setup using the
"3-Leg Perimeter" template.
My ISA server is in my DMZ, behind my company's main
OpenBSD firewall. Ideally it will be used strictly as a reverse proxy
(if I can ever get it to work! Feel free to see my other thread on that
bugger).
Thanks,
Marty
------------------------------------------------------
List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other
sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org
Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion
List as: mnelson@xxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion
List as: tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
mnelson@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
