Re: internal and external interface on same network segment
- From: "Jim Harrison" <jim@xxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Fri, 7 Jun 2002 10:47:23 -0700
Why does the router internal IP need to remain as it is?
ISA will not function as a firewall in this configuration.
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/authors/harrison/
Read the books!
----- Original Message -----
From: "Patrick Schmid" <patrick@xxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Friday, June 07, 2002 4:57 AM
Subject: [isalist] internal and external interface on same network segment
http://www.ISAserver.org
Hi,
our network address segments are mandated by an outside organization. They
have
also control over the router which links us with their network. We would
like
to put an ISA server between their router and our network. Changing the IP
addresses in our internal network is not an option.
The configuration should look similar to this:
LAN - 10.191.84.0/22
|
|
10.191.84.31 (internal interface), IP can be changed, but has to be in same
segment
2 ISA Servers with NLB on internal interface -- 192.168.0.3 DMZ
|
|
10.191.84.40
Cisco Router
All traffic should be routed to the DMZ, if the target is not in 10.x.x.x.
SMTP traffic is coming in via the Cisco router. Currently SMTP is sent to
10.191.84.38.
My configuration approach would be:
external interfaces to DMZ: 192.168.0.1 and 192.168.0.2
external interfaces to router: 10.191.84.38 with SMTP Message Screener.
Other
ISA server with any IP in 10.191.84.0/22. Is there any way to use NLB on
this
interface too?
Is this configuration possible? How would I go about this in the ISA
configuration?
Thanks.
Patrick Schmid
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
