RE: two different firwall

• From: Christian.Schramm@xxxxxxxxxxxxxx
• To: isalist@xxxxxxxxxxxxx
• Date: Wed, 9 Apr 2003 10:35:22 +0200

Hi there...

In order to use any of the publishing features of ISA server the ISA needs
two interfaces (external and internal) both on a different subnet(!). This
means for you if your isa stands with both legs in your DMZ zone (in the
same subnet) and both have the same default gateway, you can not publish any
internal servers!

If this is your case, you have to define a second internal DMZ with a
different subnet than the external DMZ and configure isa server to have its
external leg in your normal "DMZ zone" and its internal leg in the "internal
DMZ" ... The pix functions like before as "packet filter and gateway to the
outside world" and you can make use of the isa publishing features.

Hope this could help you.

Greets



> -----Ursprüngliche Nachricht-----
> Von: zaki@xxxxxxx [mailto:zaki@xxxxxxx] 
> Gesendet: Mittwoch, 9. April 2003 10:18
> An: [ISAserver.org Discussion List]
> Betreff: [isalist] two different firwall
> 
> 
> http://www.ISAserver.org
> 
> 
> Hi all
> 
> Can i configure back to back firwall with different firwall platform:
> 
> The external firwall is PIX Cisco and second is ISA server in 
> DMZ Zone. My aim is publish Outlook Web Access and NFuse (Citrix).
> 
> OR there is other procdure to complete this Procdure without 
> ignoring or losing PIX Cisco firwall.
> 
> thanks for all your help....
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Exchange Server Resource Site: http://www.msexchange.org/ 
> Windows Security Resource Site: 
> http://www.windowsecurity.com/ Windows 2000/NT > Fax Solutions: 
> http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion 
> List as: christian.schramm@xxxxxxxxxxxxxx To unsubscribe send 
> a blank email to $subst('Email.Unsub')
> 

Other related posts:

• » two different firwall
• » RE: two different firwall
• » RE: two different firwall
• » RE: two different firwall
• » RE: two different firwall
• » RE: two different firwall

1. Home
2. isalist
3. Archive
4. 04-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---