Page 1 of 3 123 LastLast
Results 1 to 10 of 28

Thread: Connecting ISA Server to Cisco Router

  1. #1
    Member bradlesliect's Avatar
    Join Date
    Apr 2006
    Location
    CT - SA
    Posts
    74

    Connecting ISA Server to Cisco Router

    Hi,

    I have been tasked to connect users connecting to an ISA Server directly to a cisco router. This would inturn connect them to our network without having to load an VPN client on the client PC or making holes on the cisco side.

    Anyone have any ideas? I have seen a doc on the net explaining what to change on the config of the ISA Server.

    The link below:

    http://www.tacteam.net/isaserverorg/...2/b2bnat-t.htm

    if anyone can help, please let me know.

    thanks in advance.
    .....I rather not say....

  2. #2
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    Maybe you can quote the link...not many of us click on them

    First thing is

    You will need 2 NICs to use the ISA as a firewall...one goes to the router (external) and then one the goes to your network switch (internal)

    What services are you going to be running..OWA and Remote Desktop???

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  3. #3
    Member bradlesliect's Avatar
    Join Date
    Apr 2006
    Location
    CT - SA
    Posts
    74
    Apologies for only posting link....

    the URL only talks about making changes to ISA Server allowing VPN port numbers through and it then has a step by step instruction on how to do it.

    Yes, this will be used for http,mail,RDP.

    thanks for heads up on 2 nics. did not think it was necessary though? the ISA server will be connected to switch which in turn is connected to router or ISA server will be directly connected to router. Using a Cisco 800 series with ADSL port.
    .....I rather not say....

  4. #4
    Junior Member
    Join Date
    Aug 2006
    Posts
    29
    Two nic's won't be needed if your going from router -> switch -> isa, you just need to change your gateway to the ISA server. Are you going to be setting up the vpn on the ISA server, or through the cisco router?

    edit: You might explain a bit more on what you're doing / trying to do also.
    I have my CCNA and i'm currently working towards my CCNP and CSSP.

  5. #5
    Member bradlesliect's Avatar
    Join Date
    Apr 2006
    Location
    CT - SA
    Posts
    74
    I have a client that I need to provide services for.

    The requirements are:

    - Mail ( here they can connect to my exchange server)
    - Connectivity : ADSL connection to ISP, then VPN in to my network for services like mail(EXCHANGE), shared folders, applications based on my network.
    - Internet Access


    Now.....I am not quite sure if the client workstations will be making VPN connections directly to my network or with the ISA server act as the gateway and make the connection on their behalf.

    Not sure if I covered everything .... let me know.
    .....I rather not say....

  6. #6
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    Two nic's won't be needed if your going from router -> switch -> isa, you just need to change your gateway to the ISA server. Are you going to be setting up the vpn on the ISA server, or through the cisco router?
    I understand that you dont require 2 nics in ISA...........

    But then what would be the point of running ISA as a firewall.

    The ISA would authenticate the user coming in and point them to the services required...NO???

    We need way more info like the layout of the network...I dont really know what the question is???


    Do you want to know what ports are required???

    How are they going to access the exchange...through VPN or Outlook Web access...

    To run applications you would need a terminal server or allow them to connect to a machine (which cannot be in use) and use remote desktop.

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  7. #7
    Junior Member
    Join Date
    Aug 2006
    Posts
    29
    But then what would be the point of running ISA as a firewall.

    The ISA would authenticate the user coming in and point them to the services required...NO???
    ISA does not require a second nic to authenticate users. If you use the ISA with one nic instead of two, you're just setting the ISA as your gateway, and possibly as a proxy server for web(if you're configuring that).
    I have my CCNA and i'm currently working towards my CCNP and CSSP.

  8. #8
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    Well if you dont have 2 nics...then you could just bypass the ISA altogether...

    So what would be the point of running ISA......

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  9. #9
    Junior Member
    Join Date
    Aug 2006
    Posts
    29
    It could all depend on your situation. If the client is going to bypass the ISA, they need to know of a gateway to bypass it with. In MY personal situation, we have an ISA server running for all of our employees, then a sonicwall for the servers, it all boils down to what it's needed for.


    In reality, we need to know more about the OP's information before we can decide if he needs one or two nics.
    I have my CCNA and i'm currently working towards my CCNP and CSSP.

  10. #10
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    nothing a quick scan would gleen

    Yes the original poster needs to supply more info....and if he doesnt use the ISA for authentication...and doesnt want to use the cisco VPN client...........then I guess anyone coming in through the router will have access to the the internal network.....

    Thats secure


    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •