Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: ISA 2004 and 3 NICs

ISA 2004 and 3 NICs 10 years 2 weeks ago #18027

my question is not direct as i don't know what should i ask to get an answer. i manage verywell my ISA 2004 using 2 NIC (Internal & External). no problems but now this is the case, please try to visualize the case:

I have and ADSL Router for Internet.
Local LAN, and
another LAN behind a frame relay routed path. (branch office).


so i brought this server 2003 machine with ISA 2004 with 3 NICs. 1st is getting the internet from the ADSL router. 2nd is for my LAN (main office LAN) and 3rd is for the Branch office LAN.

Local network ip is 200.100.0.0
Internet IP is (some IP) (Dynamic)
branch network is 172.16.1.0

how should i configure the ISA to allow branch office to access the internet. i would like to add that i configured the ISA once using the edge module and another using the three legged module. please advice.


Note: how can i add an image to this post??? i want to draw and post the toplogy drawing...!
B.Sc (Computer science),
Passed: 270-70 & 270-90
working on: 270-91 & CCNA

********Never hisitate asking. Not everyone knows. Seek Learning*********
The administrator has disabled public write access.

Re: ISA 2004 and 3 NICs 10 years 2 weeks ago #18031

  • Smurf
  • Smurf's Avatar
  • Offline
  • Moderator
  • Posts: 1390
  • Karma: 1
Hi,

In answer to posting an image, please see this thread which asked the same question http://www.firewall.cx/ftopict-3697.html

Now, in answer to the ISA question. There is a template that there to setup a 3-Leg Firewall however this may not be what you are looking for as it sets up a perimeter network on one of the network legs http://www.microsoft.com/technet/isa/2004/help/FW_3LegTemplate.mspx?mfr=true

If memory serves;

It may be easier to get the two NIC one working first, define the external and the Internal using the template. Once this is done, configure the Branch office, defining an ip range for it also. THen you need to setup relationships between the different networks and what you want to do.

You would end up with relationships like this;

Internal - Outside --> NAT
Branch - Outside --> NAT
Internal - Branch --> Routing

If you require more details then please let me know. I may try and setup a test ISA as i may have missed some steps out as its been a while since i configured one. I'll ask my collegue at work to just run through this also.

Cheers
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
The administrator has disabled public write access.

Re: ISA 2004 and 3 NICs 10 years 2 weeks ago #18032

  • Smurf
  • Smurf's Avatar
  • Offline
  • Moderator
  • Posts: 1390
  • Karma: 1
Oops, also dont forget some rules to allow the traffic you want to go through :)
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
The administrator has disabled public write access.
Time to create page: 0.077 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup