I swear it must be me that makes things harder than they need to be. Seriously, this kind of stuff always happens to me. That being said, I've had a breakthrough. What I was trying to do was have any requests for www.whatever.com/folder reverse proxy back to my internal site. Now let me say this, www.whatever.com is being hosted on the ISA box, and no matter what I did I could not get the /folder to reverse proxy. What I did as a test was shutdown www.whatever.com and create a publishing rule that directed any traffic to the whatever.com IP address to my internal site, and it worked! Now, all of that being said, can I not do what I was trying to do originally? Meaning, can I not have ISA listen for requests to www.whatever.com/folder, and reverse only those requests? Thanks again, Marty -----Original Message----- From: Steve Moffat [mailto:steve@xxxxxxxxxx] Sent: Monday, December 05, 2005 2:03 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Which "Network Template" to apply? http://www.ISAserver.org It isn't....normally -----Original Message----- From: Marty Nelson [mailto:MNelson@xxxxxxxxxxxx] Sent: Monday, December 05, 2005 5:23 PM To: ISA Mailing List Subject: [isalist] RE: Which "Network Template" to apply? http://www.ISAserver.org Steve while I appreciate the post, what I don't think I've conveyed is that I've done what you've suggested, and I just cannot get it to work. What I am trying to do here is figure out what exactly I'm doing wrong so I can remedy it. Believe me; I had no idea that setting up a reverse proxy in ISA was this difficult. -----Original Message----- From: Steve Moffat [mailto:steve@xxxxxxxxxx] Sent: Monday, December 05, 2005 12:56 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Which "Network Template" to apply? http://www.ISAserver.org Geez... forward port 80 from the BSD FW to the ISA, publish your website using the web publishing wizard. From the external nic (10.) to the published website, which can be an IP address or an fqdn if you have it in your dns and isa has an allow rule for dns, or by hosts file. S Looks like a lot of reading is required beforehand first of almmend buying Tom's books on ISA. ________________________________ From: Marty Nelson [mailto:MNelson@xxxxxxxxxxxx] Sent: Monday, December 05, 2005 4:43 PM To: ISA Mailing List Subject: [isalist] RE: Which "Network Template" to apply? http://www.ISAserver.org Thanks Tom. Your paper on "Playing well with others" all but describes what I'm trying to do in the section titled "The ISA Firewall in a PIX DMZ Configuration". What I am so utterly unclear on is how to implement it. Like I mentioned earlier, I have two interfaces. One on the 10. range which is in my BSD's DMZ and one in the 192. range that's in my internal network. When I view my Networks, what should I have under the "Internal Networks"? I would assume just my 192.168 range? That's not even getting into successfully publishing my internal web server. ________________________________ From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: Monday, December 05, 2005 11:21 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Which "Network Template" to apply? http://www.ISAserver.org Hi Marty, Edge firewall is what I would use. Then search the ISAserver.org site for PIX for deployment scenario info. HTH, Tom Thomas W Shinder, M.D. Site: www.isaserver.org <http://www.isaserver.org/> Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> MVP -- ISA Firewalls **Who is John Galt?** ________________________________ From: Marty Nelson [mailto:MNelson@xxxxxxxxxxxx] Sent: Monday, December 05, 2005 1:17 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Which "Network Template" to apply? http://www.ISAserver.org Hi Tom; I only have two NIC's installed, so I take it that I'm using the wrong template, and have switched it back to the default, which was "Edge Firewall". Which is the best to use if I'm trying to reverse proxy an internal server? Here's how my server's currently setup: NIC1: 10.100.2.15 (in DMZ, although still behind main OpenBSD firewall) NIC2: 192.168.2.29 (in company's internal network, behind OpenBSD firewall) Thanks, Marty ________________________________ From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: Monday, December 05, 2005 10:59 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Which "Network Template" to apply? http://www.ISAserver.org Hi Marty, For reverse proxy, I'd only do two NICs. What's the third NIC for? tom Thomas W Shinder, M.D. Site: www.isaserver.org <http://www.isaserver.org/> Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> MVP -- ISA Firewalls **Who is John Galt?** ________________________________ From: Marty Nelson [mailto:MNelson@xxxxxxxxxxxx] Sent: Monday, December 05, 2005 12:41 PM To: [ISAserver.org Discussion List] Subject: [isalist] Which "Network Template" to apply? http://www.ISAserver.org Good Monday all. I'm wondering which template should I be using in the following configuration? Currently it's setup using the "3-Leg Perimeter" template. My ISA server is in my DMZ, behind my company's main OpenBSD firewall. Ideally it will be used strictly as a reverse proxy (if I can ever get it to work! Feel free to see my other thread on that bugger). Thanks, Marty ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: mnelson@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: mnelson@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: isalist@xxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: mnelson@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: isalist@xxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: mnelson@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx