ISA Server Help

Toggle sidebar Toggle sidebar
B

birthofsorrow

Member
May 10, 2003
186
0
0
I have a business grade cable connection with 16 Ip address. I need to set up a router that will act as a firewall and all the computers on the other side to get REAL IP's via dhcp. The 16 IP addresses are obtained via DHCP.

Is it Possilbe to do this with ISA Server?

any help would be great

Thanks
Mike
 
G

GoldChain

Junior Member
Jun 7, 2001
10
0
0
I don't believe so. A firewall is essentially a router, so that means the IP address space on the "outside" must be different than the IP address space on the "inside". Recently a friend setup an ISA server (before eventually buying a Cisco PIX firewall) and what I told him to do (which worked) was to:

A) give each PC on the "inside" an IP address. (i.e. choose an IP addressing scheme for the inside, like 192.168.x.y or 10.x.y.z). Don't use DHCP for this, as with a business class conenction with multiple IPs, you should get 16 static addresses, not DHCP addresses. If your provider is forcing your to use DHCP for 16 addresses on a business-class connection, then complain and demand static IPs. Otherwise using DNS to direct people to your servers will be a great pain (plus that makes using a firewall virtually impossible.)

then

B) Setup a static NAT entry for each of your 16 "outside" addresses (well, actually 15, because usually the ISA server would need one of them) that points each outside address to the proper inside address.

HTH,
GoldChain
 
S

Saltin

Platinum Member
Jul 21, 2001
2,175
0
0
Yeah the thing to do here is to use NAT.

On its external interface, ISA takes a static IP (public) ideally, or DHCP if you don't have a choice.
Your internal computers use private IP's.

ISA relies on a LAT (local address table) to distinguish trusted from untrusted sources. This is why the IP addresses on each NIC should be in different networks
 
B

birthofsorrow

Member
May 10, 2003
186
0
0
I don't want to use straight up NAT. I have to stay away from port fowarding as well. But if there is some way i could map a real IP to a private on ip on the internal network, that may work.


hrmmmmmmm
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom
sale-70-410-exam    | Exam-200-125-pdf    | we-sale-70-410-exam    | hot-sale-70-410-exam    | Latest-exam-700-603-Dumps    | Dumps-98-363-exams-date    | Certs-200-125-date    | Dumps-300-075-exams-date    | hot-sale-book-C8010-726-book    | Hot-Sale-200-310-Exam    | Exam-Description-200-310-dumps?    | hot-sale-book-200-125-book    | Latest-Updated-300-209-Exam    | Dumps-210-260-exams-date    | Download-200-125-Exam-PDF    | Exam-Description-300-101-dumps    | Certs-300-101-date    | Hot-Sale-300-075-Exam    | Latest-exam-200-125-Dumps    | Exam-Description-200-125-dumps    | Latest-Updated-300-075-Exam    | hot-sale-book-210-260-book    | Dumps-200-901-exams-date    | Certs-200-901-date    | Latest-exam-1Z0-062-Dumps    | Hot-Sale-1Z0-062-Exam    | Certs-CSSLP-date    | 100%-Pass-70-383-Exams    | Latest-JN0-360-real-exam-questions    | 100%-Pass-4A0-100-Real-Exam-Questions    | Dumps-300-135-exams-date    | Passed-200-105-Tech-Exams    | Latest-Updated-200-310-Exam    | Download-300-070-Exam-PDF    | Hot-Sale-JN0-360-Exam    | 100%-Pass-JN0-360-Exams    | 100%-Pass-JN0-360-Real-Exam-Questions    | Dumps-JN0-360-exams-date    | Exam-Description-1Z0-876-dumps    | Latest-exam-1Z0-876-Dumps    | Dumps-HPE0-Y53-exams-date    | 2017-Latest-HPE0-Y53-Exam    | 100%-Pass-HPE0-Y53-Real-Exam-Questions    | Pass-4A0-100-Exam    | Latest-4A0-100-Questions    | Dumps-98-365-exams-date    | 2017-Latest-98-365-Exam    | 100%-Pass-VCS-254-Exams    | 2017-Latest-VCS-273-Exam    | Dumps-200-355-exams-date    | 2017-Latest-300-320-Exam    | Pass-300-101-Exam    | 100%-Pass-300-115-Exams    |
http://www.portvapes.co.uk/    | http://www.portvapes.co.uk/    |