RE: how to manage using ISA behind a leased line

  • From: "Jim Harrison" <jim@xxxxxxxxxxxx>
  • To: "[ Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 2 Jan 2002 06:32:11 -0800

ISA must also have a route to site B.  You enable this by adding site B's
subnet to the ISA routing table.
If you have RRAS installed, enter it there.
If no RRAS on the ISA, use the "route -p add <subnet> mask <netmask>
<gateway>" command.
In your case, the command would be "route -p add mask"

Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
Read the book!

----- Original Message -----
From: "Gerard Dumazet" <gdumazet@xxxxxxxxxxx>
To: "[ Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Wednesday, January 02, 2002 03:09
Subject: [isalist] RE: how to manage using ISA behind a leased line

This is a multi-part message in MIME format.


sorry for my english. i read carefully your reply and just realised my
question was not clear

i have only one ISA in site A - no exchange server
2 subnets and one domain with a pdc in site B and a bdc in site A

site A bdc2000 + ISA internal NIC
gateway : none
external NIC gateway adsl router

in site A all clients securenat clients internet fine smtp/pop
fine for outlook express
all clients can share with site B having settled static and permanent routes
to site B having as gateway

site B pdc2000 AD NIC


how to configure any client of site B to be able to be a securenat client
for iSA on site A


to access shared ressources in site A

pointing the default gateway on site B's router doen not help

-----Message d'origine-----
De : Gallop, George [mailto:George.Gallop@xxxxxxxxxx]
Envoye : mardi 1 janvier 2002 23:27
A : [ Discussion List]
Objet : [isalist] RE: how to manage using ISA behind a leased line

Happy New Year.

I am struggling with understanding your English, sorry.

I am no guru, but possibly if I explain what I understood of the problem
we can try and all help?  I have a suggested solution below, so if
anyone wants to comment further...

Site A: 192.168.2.x
Site B: 192.168.1.x

Both Sites connect through a leased line:
Router is for site A
and Site B

DC / possibly Exchange Server in each site and also ISA Server (?):

Site A
Site B (?)

I think for clients to access the DC's in each site, you need to do the

1. Set the Default gateway on the secure NAT clients to the ISA server
in the site.
2. On the ISA Server in each site set a static route something like
(depending on your subnet mask):

Site B's ISA Server:
route add -p mask metric

Site A's ISA Server:
route add -p mask metric

3. In the LAT for the ISA Server ensure the remote network 192.168.x.x
is there.

Lastly, I am not sure but would the clients using SNAT also need a
static route to the remote network, anyone?

Kind regards, George

-----Original Message-----
From: dumazet [mailto:gdumazet@xxxxxxxxxxx]
Sent: Wednesday, 2 January 2002 4:39 AM
To: [ Discussion List]
Subject: [isalist] how to manage using ISA behind a leased line

fist of all happy new year to everyone especially to those who are
managing this helpful list

i already asked one week ago such a question but did'nt succeeded to
the right answer, so i formulate again my problem

it is a small company with 6 boxes center of paris (site A
and another office with 10 boxes (site B

both offices are connected through a leased line with cisco routers 800
having adresses for site A and for site B

a win 2K cpd with ad is in site B and another in site A

each box in each site has to connect to shared applications ou folders
one or the other site. until now everything was working fine

to give access for users to internet and be able to use outlook express
for internet mail we just installed ISA on the csd of site A :
waiting for better time to use another independant server
we are using a bewan router on adsl line ok

everything working fine for site A with securenat clients (http, smtp,
pop3)even able to use shared folders on site B using add -p routes to

but we dont't know what to do for site B

on the internal NIC of ISA we can't include a gateway on the
router of site A , accordingly the boxes of site B can't
connect to the shared folders or applis running on ISA box.

all boxes of site B have the router of site B as gateway but
this does not help to be securenat clients for ISA on site A

applis don't work anymore and internet is useless

i am sure for most of you this routing problem should be quite easy to
solve and i just see on message also on this list nearby mine but noone
gave idea and this is why i ask again

thanks for any idea

You are currently subscribed to this Discussion List as:
To unsubscribe send a blank email to $subst('Email.Unsub')

You are currently subscribed to this Discussion List as:
To unsubscribe send a blank email to $subst('Email.Unsub')


You are currently subscribed to this Discussion List as:
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts: