Hi there... In order to use any of the publishing features of ISA server the ISA needs two interfaces (external and internal) both on a different subnet(!). This means for you if your isa stands with both legs in your DMZ zone (in the same subnet) and both have the same default gateway, you can not publish any internal servers! If this is your case, you have to define a second internal DMZ with a different subnet than the external DMZ and configure isa server to have its external leg in your normal "DMZ zone" and its internal leg in the "internal DMZ" ... The pix functions like before as "packet filter and gateway to the outside world" and you can make use of the isa publishing features. Hope this could help you. Greets > -----Ursprüngliche Nachricht----- > Von: zaki@xxxxxxx [mailto:zaki@xxxxxxx] > Gesendet: Mittwoch, 9. April 2003 10:18 > An: [ISAserver.org Discussion List] > Betreff: [isalist] two different firwall > > > http://www.ISAserver.org > > > Hi all > > Can i configure back to back firwall with different firwall platform: > > The external firwall is PIX Cisco and second is ISA server in > DMZ Zone. My aim is publish Outlook Web Access and NFuse (Citrix). > > OR there is other procdure to complete this Procdure without > ignoring or losing PIX Cisco firwall. > > thanks for all your help.... > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Exchange Server Resource Site: http://www.msexchange.org/ > Windows Security Resource Site: > http://www.windowsecurity.com/ Windows 2000/NT > Fax Solutions: > http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion > List as: christian.schramm@xxxxxxxxxxxxxx To unsubscribe send > a blank email to $subst('Email.Unsub') >