Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: PIX and ISA Server

PIX and ISA Server 11 years 3 months ago #9667

  • RA1313IT
  • RA1313IT's Avatar
  • Offline
  • New Member
  • Posts: 19
  • Karma: 0
I'm setting up a remote site vpn from my ISA server to a PIX 501 Firewall box. I can get the ipsec connections up and get to my internal network, however any internet traffic is passed out through the public address on the PIX.
What I want to accomplish is having all outbound traffic, (internet) being sent accross the ipsec tunnel and back out through my ISA server for security purposes (use my ISA rules). Does anybody know how to do this or if its even possible? ( I assume it is beings it would act like a normal vpn connection to my ISA server from a remote site) Or even a link or somewhere with some good documentation on this. I have checked cisco's website and some ISA server sites with little success. Thanks in advance
RA1313IT
The administrator has disabled public write access.

Re: PIX and ISA Server 11 years 3 months ago #9687

  • stefke
  • stefke's Avatar
  • Offline
  • Frequent Member
  • Posts: 36
  • Karma: 0
Hi,

If I get it right you have following setup:

HQ LAN (A) --> ISA2004
IPSEC TUNNEL
PIX --- Remote Site LAN (B)

What you have: somebody from B wants to connect to the Internet it exists via the public IP of the PIX.

What you want : Connecting from B to the Internet should pass via ISA 2004 to the Internet

Solution(s):

1) Use the ISA firewall client on B
2) Set your GW on B to point to th ISA
3) Use the ISA as your proxy on B

I would go for solution 1) as this provides you valuable benefits (TCP/UDP apps. connections, authentication, etc..)

You can check out www.isaserver.org for any ISA related info.

hth

Greetz,

Stefan
The administrator has disabled public write access.

Re: PIX and ISA Server 11 years 3 months ago #9700

  • RA1313IT
  • RA1313IT's Avatar
  • Offline
  • New Member
  • Posts: 19
  • Karma: 0
Stefan,

Thanks for your response.

This works great, i guess it isnt as difficult as I thought it was, i was figuring i had a rule set wrong in the PIX, but thanks for the multiple solutions to my problem

RA1313IT
The administrator has disabled public write access.

Re: PIX and ISA Server 11 years 3 months ago #9710

  • stefke
  • stefke's Avatar
  • Offline
  • Frequent Member
  • Posts: 36
  • Karma: 0
Hi,

Your welcome and thanks for the follow up !

Greetz,

Stefke
The administrator has disabled public write access.
Time to create page: 0.075 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup