-
September 11th, 2006, 01:52 PM
#1
Member
Connecting ISA Server to Cisco Router
Hi,
I have been tasked to connect users connecting to an ISA Server directly to a cisco router. This would inturn connect them to our network without having to load an VPN client on the client PC or making holes on the cisco side.
Anyone have any ideas? I have seen a doc on the net explaining what to change on the config of the ISA Server.
The link below:
http://www.tacteam.net/isaserverorg/...2/b2bnat-t.htm
if anyone can help, please let me know.
thanks in advance.
.....I rather not say....
-
September 11th, 2006, 02:39 PM
#2
Maybe you can quote the link...not many of us click on them
First thing is
You will need 2 NICs to use the ISA as a firewall...one goes to the router (external) and then one the goes to your network switch (internal)
What services are you going to be running..OWA and Remote Desktop???
MLF
How people treat you is their karma- how you react is yours-Wayne Dyer
-
September 11th, 2006, 08:05 PM
#3
Member
Apologies for only posting link....
the URL only talks about making changes to ISA Server allowing VPN port numbers through and it then has a step by step instruction on how to do it.
Yes, this will be used for http,mail,RDP.
thanks for heads up on 2 nics. did not think it was necessary though? the ISA server will be connected to switch which in turn is connected to router or ISA server will be directly connected to router. Using a Cisco 800 series with ADSL port.
.....I rather not say....
-
September 11th, 2006, 10:32 PM
#4
Junior Member
Two nic's won't be needed if your going from router -> switch -> isa, you just need to change your gateway to the ISA server. Are you going to be setting up the vpn on the ISA server, or through the cisco router?
edit: You might explain a bit more on what you're doing / trying to do also.
I have my CCNA and i'm currently working towards my CCNP and CSSP.
-
September 12th, 2006, 07:39 AM
#5
Member
I have a client that I need to provide services for.
The requirements are:
- Mail ( here they can connect to my exchange server)
- Connectivity : ADSL connection to ISP, then VPN in to my network for services like mail(EXCHANGE), shared folders, applications based on my network.
- Internet Access
Now.....I am not quite sure if the client workstations will be making VPN connections directly to my network or with the ISA server act as the gateway and make the connection on their behalf.
Not sure if I covered everything .... let me know.
.....I rather not say....
-
September 12th, 2006, 02:18 PM
#6
Two nic's won't be needed if your going from router -> switch -> isa, you just need to change your gateway to the ISA server. Are you going to be setting up the vpn on the ISA server, or through the cisco router?
I understand that you dont require 2 nics in ISA...........
But then what would be the point of running ISA as a firewall.
The ISA would authenticate the user coming in and point them to the services required...NO???
We need way more info like the layout of the network...I dont really know what the question is???
Do you want to know what ports are required???
How are they going to access the exchange...through VPN or Outlook Web access...
To run applications you would need a terminal server or allow them to connect to a machine (which cannot be in use) and use remote desktop.
MLF
How people treat you is their karma- how you react is yours-Wayne Dyer
-
September 12th, 2006, 02:56 PM
#7
Junior Member
But then what would be the point of running ISA as a firewall.
The ISA would authenticate the user coming in and point them to the services required...NO???
ISA does not require a second nic to authenticate users. If you use the ISA with one nic instead of two, you're just setting the ISA as your gateway, and possibly as a proxy server for web(if you're configuring that).
I have my CCNA and i'm currently working towards my CCNP and CSSP.
-
September 12th, 2006, 03:15 PM
#8
Well if you dont have 2 nics...then you could just bypass the ISA altogether...
So what would be the point of running ISA......
MLF
How people treat you is their karma- how you react is yours-Wayne Dyer
-
September 12th, 2006, 04:14 PM
#9
Junior Member
It could all depend on your situation. If the client is going to bypass the ISA, they need to know of a gateway to bypass it with. In MY personal situation, we have an ISA server running for all of our employees, then a sonicwall for the servers, it all boils down to what it's needed for.
In reality, we need to know more about the OP's information before we can decide if he needs one or two nics.
I have my CCNA and i'm currently working towards my CCNP and CSSP.
-
September 12th, 2006, 04:24 PM
#10
nothing a quick scan would gleen
Yes the original poster needs to supply more info....and if he doesnt use the ISA for authentication...and doesnt want to use the cisco VPN client...........then I guess anyone coming in through the router will have access to the the internal network.....
Thats secure
MLF
How people treat you is their karma- how you react is yours-Wayne Dyer
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|