ISA Server 2004 external interaface question
Last response: in Networking
Archived from groups: comp.security.firewalls (More info?)
Guys,
Need some advice. I am setting up an ISA Server in a department. The
organisation already has an upstream squid Proxy.
All our current traffic is routed through the squid.
We would like to setup an additional proxy running ISA 2004 for our
department.
What is the best setup?
How does the external interface know where to send all internal traffic to?
Obviously with this setup I plan to use two intefaces, one for the external
and other for the internal interface. I am not sure whether to use firewall
clients or NAT clients. Does the physical network cabling path need to be
for any of these methods, for example to ensure all traffic goes through
ISA, or can this be done through access control lists in the router?
Thank You for all your help.
Guys,
Need some advice. I am setting up an ISA Server in a department. The
organisation already has an upstream squid Proxy.
All our current traffic is routed through the squid.
We would like to setup an additional proxy running ISA 2004 for our
department.
What is the best setup?
How does the external interface know where to send all internal traffic to?
Obviously with this setup I plan to use two intefaces, one for the external
and other for the internal interface. I am not sure whether to use firewall
clients or NAT clients. Does the physical network cabling path need to be
for any of these methods, for example to ensure all traffic goes through
ISA, or can this be done through access control lists in the router?
Thank You for all your help.
More about : isa server 2004 external interaface question
Archived from groups: comp.security.firewalls (More info?)
"Billy K" <private@hotmail.com> wrote in message
news:40bdc88b@news.comindico.com.au...
> Guys,
>
> Need some advice. I am setting up an ISA Server in a department. The
> organisation already has an upstream squid Proxy.
>
> All our current traffic is routed through the squid.
>
> We would like to setup an additional proxy running ISA 2004 for our
> department.
Why?
> What is the best setup?
> How does the external interface know where to send all internal traffic
to?
By the gateway address.
> Obviously with this setup I plan to use two intefaces, one for the
external
> and other for the internal interface. I am not sure whether to use
firewall
> clients or NAT clients. Does the physical network cabling path need to be
> for any of these methods, for example to ensure all traffic goes through
> ISA, or can this be done through access control lists in the router?
I'm sorry but I haven't got the faintest idea of where you are coming from!
"Billy K" <private@hotmail.com> wrote in message
news:40bdc88b@news.comindico.com.au...
> Guys,
>
> Need some advice. I am setting up an ISA Server in a department. The
> organisation already has an upstream squid Proxy.
>
> All our current traffic is routed through the squid.
>
> We would like to setup an additional proxy running ISA 2004 for our
> department.
Why?
> What is the best setup?
> How does the external interface know where to send all internal traffic
to?
By the gateway address.
> Obviously with this setup I plan to use two intefaces, one for the
external
> and other for the internal interface. I am not sure whether to use
firewall
> clients or NAT clients. Does the physical network cabling path need to be
> for any of these methods, for example to ensure all traffic goes through
> ISA, or can this be done through access control lists in the router?
I'm sorry but I haven't got the faintest idea of where you are coming from!
Archived from groups: comp.security.firewalls (More info?)
What kind of policy would direct traffic to the default gateway?
"Mike" <nospam@notherematey.com> wrote in message
news:c9kit2$cds$1@thorium.cix.co.uk...
>
> "Billy K" <private@hotmail.com> wrote in message
> news:40bdc88b@news.comindico.com.au...
> > Guys,
> >
> > Need some advice. I am setting up an ISA Server in a department. The
> > organisation already has an upstream squid Proxy.
> >
> > All our current traffic is routed through the squid.
> >
> > We would like to setup an additional proxy running ISA 2004 for our
> > department.
>
> Why?
>
> > What is the best setup?
> > How does the external interface know where to send all internal traffic
> to?
>
> By the gateway address.
>
>
> > Obviously with this setup I plan to use two intefaces, one for the
> external
> > and other for the internal interface. I am not sure whether to use
> firewall
> > clients or NAT clients. Does the physical network cabling path need to
be
> > for any of these methods, for example to ensure all traffic goes through
> > ISA, or can this be done through access control lists in the router?
>
> I'm sorry but I haven't got the faintest idea of where you are coming
from!
>
>
What kind of policy would direct traffic to the default gateway?
"Mike" <nospam@notherematey.com> wrote in message
news:c9kit2$cds$1@thorium.cix.co.uk...
>
> "Billy K" <private@hotmail.com> wrote in message
> news:40bdc88b@news.comindico.com.au...
> > Guys,
> >
> > Need some advice. I am setting up an ISA Server in a department. The
> > organisation already has an upstream squid Proxy.
> >
> > All our current traffic is routed through the squid.
> >
> > We would like to setup an additional proxy running ISA 2004 for our
> > department.
>
> Why?
>
> > What is the best setup?
> > How does the external interface know where to send all internal traffic
> to?
>
> By the gateway address.
>
>
> > Obviously with this setup I plan to use two intefaces, one for the
> external
> > and other for the internal interface. I am not sure whether to use
> firewall
> > clients or NAT clients. Does the physical network cabling path need to
be
> > for any of these methods, for example to ensure all traffic goes through
> > ISA, or can this be done through access control lists in the router?
>
> I'm sorry but I haven't got the faintest idea of where you are coming
from!
>
>
Archived from groups: comp.security.firewalls (More info?)
"Billy K" <private@hotmail.com> wrote in message
news:40bdcf79@news.comindico.com.au...
> What kind of policy would direct traffic to the default gateway?
No offence, but you need to go and read a book about TCP/IP networking.
Policies have nothing to do with this (ish). Its basic networking 101. If
you don't understand the basics you have no chance of getting ISA server
working the way you want.
And after that read another one about top posting in newsgroups :-)
"Billy K" <private@hotmail.com> wrote in message
news:40bdcf79@news.comindico.com.au...
> What kind of policy would direct traffic to the default gateway?
No offence, but you need to go and read a book about TCP/IP networking.
Policies have nothing to do with this (ish). Its basic networking 101. If
you don't understand the basics you have no chance of getting ISA server
working the way you want.
And after that read another one about top posting in newsgroups :-)
Archived from groups: comp.security.firewalls (More info?)
I understand default gateways and TCP/IP well, although I do not claim to be
an expert. In my initial post I informed that I am at a department level of
a large organisation. The default gateway for my network and all machines
in my network is our local router port.
However this is not the default gateway or last hop for the entire
organisation, and I doubt I set this IP address as my default gateway. I am
in a different subnet. All machines are also configured to use the upstream
proxy, which I am not trying to bypass.
Can someone clarify this for me?
"Mike" <nospam@notherematey.com> wrote in message
news:c9ko3i$f0k$1@thorium.cix.co.uk...
>
> "Billy K" <private@hotmail.com> wrote in message
> news:40bdcf79@news.comindico.com.au...
> > What kind of policy would direct traffic to the default gateway?
>
> No offence, but you need to go and read a book about TCP/IP networking.
> Policies have nothing to do with this (ish). Its basic networking 101. If
> you don't understand the basics you have no chance of getting ISA server
> working the way you want.
>
> And after that read another one about top posting in newsgroups :-)
>
>
I understand default gateways and TCP/IP well, although I do not claim to be
an expert. In my initial post I informed that I am at a department level of
a large organisation. The default gateway for my network and all machines
in my network is our local router port.
However this is not the default gateway or last hop for the entire
organisation, and I doubt I set this IP address as my default gateway. I am
in a different subnet. All machines are also configured to use the upstream
proxy, which I am not trying to bypass.
Can someone clarify this for me?
"Mike" <nospam@notherematey.com> wrote in message
news:c9ko3i$f0k$1@thorium.cix.co.uk...
>
> "Billy K" <private@hotmail.com> wrote in message
> news:40bdcf79@news.comindico.com.au...
> > What kind of policy would direct traffic to the default gateway?
>
> No offence, but you need to go and read a book about TCP/IP networking.
> Policies have nothing to do with this (ish). Its basic networking 101. If
> you don't understand the basics you have no chance of getting ISA server
> working the way you want.
>
> And after that read another one about top posting in newsgroups :-)
>
>
Archived from groups: comp.security.firewalls (More info?)
"Billy K" <private@hotmail.com> wrote in message
news:40bef9a0@news.comindico.com.au...
> I understand default gateways and TCP/IP well, although I do not claim to
be
> an expert. In my initial post I informed that I am at a department level
of
> a large organisation. The default gateway for my network and all machines
> in my network is our local router port.
>
> However this is not the default gateway or last hop for the entire
> organisation, and I doubt I set this IP address as my default gateway. I
am
> in a different subnet. All machines are also configured to use the
upstream
> proxy, which I am not trying to bypass.
>
> Can someone clarify this for me?
>
>
>
>
> "Mike" <nospam@notherematey.com> wrote in message
> news:c9ko3i$f0k$1@thorium.cix.co.uk...
> >
> > "Billy K" <private@hotmail.com> wrote in message
> > news:40bdcf79@news.comindico.com.au...
> > > What kind of policy would direct traffic to the default gateway?
> >
> > No offence, but you need to go and read a book about TCP/IP networking.
> > Policies have nothing to do with this (ish). Its basic networking 101.
If
> > you don't understand the basics you have no chance of getting ISA server
> > working the way you want.
> >
> > And after that read another one about top posting in newsgroups :-)
You didn't read the book about top posting did you?
Your default gateway will be your router.
"Billy K" <private@hotmail.com> wrote in message
news:40bef9a0@news.comindico.com.au...
> I understand default gateways and TCP/IP well, although I do not claim to
be
> an expert. In my initial post I informed that I am at a department level
of
> a large organisation. The default gateway for my network and all machines
> in my network is our local router port.
>
> However this is not the default gateway or last hop for the entire
> organisation, and I doubt I set this IP address as my default gateway. I
am
> in a different subnet. All machines are also configured to use the
upstream
> proxy, which I am not trying to bypass.
>
> Can someone clarify this for me?
>
>
>
>
> "Mike" <nospam@notherematey.com> wrote in message
> news:c9ko3i$f0k$1@thorium.cix.co.uk...
> >
> > "Billy K" <private@hotmail.com> wrote in message
> > news:40bdcf79@news.comindico.com.au...
> > > What kind of policy would direct traffic to the default gateway?
> >
> > No offence, but you need to go and read a book about TCP/IP networking.
> > Policies have nothing to do with this (ish). Its basic networking 101.
If
> > you don't understand the basics you have no chance of getting ISA server
> > working the way you want.
> >
> > And after that read another one about top posting in newsgroups :-)
You didn't read the book about top posting did you?
Your default gateway will be your router.
Related ressources:
- ForumWin2k server and ISA 2004
- ForumWin2k and ISA 2004 server
- ForumLinksys BEFSX41, ISA , & RDP Problem.
- ForumISA Opinions
- ForumHow do I allow clients with Remote Desktop inside ISA to a..
- ForumThe question about two AD-integrated DNS servers.
- ForumProblem with DNS resolving externa IP address of the server
- Forumiptables - how to access local server using external ip
- ForumExternal 5.25 inch floppy drive for computer?
- ForumWhat should i do?
- ForumTomb Raider Fan Fiction Competition 2004
- ForumList of Vista Supported Hardware & Software
- ForumIncredibly long map load times UT 2004
- ForumAccess with HTTPS to a HTTP server
- Forum10 Years Ago.. My (Legacy) Dream Machine '96. :)
- ForumHow to setup a 1GB Gigabyte Network
- ForumNIS 2004 on win xp
- ForumHow to Stop bypassing Proxy server?
- ForumWeb server placement in DMZ
- ForumHow to Stop bypassing Proxy server
- More resources
Read discussions in other Networking categories
!
