Re: Communication issue
- From: Jim in Cleveland <JiminCleveland@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 27 Jul 2007 14:10:02 -0700
Phillip,
Thanks for the info. If you can, can you please answer my following
question (you sound like you know a hell of a lot more than I do!!).
Regarding the internal NIC card then, leave the default gateway blank?
Also, during installation, I came upon a page that asks to configure the
internal network address range. On our 2000 server, this looks like you
entered a range that then made up the LAT table. The entry on it was
192.168.0.0 to 192.168.0.255. On the 2004 machine, I have the option of
choosing a range (I did same as above) or to select the network adapter.
Since we have a single, internal domain (192.168.0.x and no other), can I
populate the Internal Network Address range as 192.168.0.0 to 192.168.0.255?
Thanks in Advance,
Jim
"Phillip Windell" wrote:
2004 is completely different than 2000..
2000 was part of "Internal"
2004/2006 is *not* part of "Internal" and does not allow open communication
from Internal beyond what the System Policy permits. In other words it does
not fully "trust" the Internal LAN.
2004/2006 lives in its own little world called the LocalHost Network
You actually have to create Access Rules to allow access between Internal
and LocalHost. The Rules are not automatically bi-directional either unless
you make them that way yourself.
--
Phillip Windell
www.wandtv.com
The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html
Troubleshooting Client Authentication on Access Rules in ISA Server 2004
http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc
Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp
Microsoft ISA Server Partners: Partner Hardware Solutions
http://www.microsoft.com/forefront/edgesecurity/partners/hardwarepartners.mspx
-----------------------------------------------------
"Jim in Cleveland" <JiminCleveland@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:3594B745-C684-4761-9DCC-56B6CCAABCAB@xxxxxxxxxxxxxxxx
We currently use ISA 2000 on a Windows 2000 server. I just fired up
another
box that has Server 2003 and I loaded ISA 2004. Ran the Migration tool on
the 2000 ISA box and imported the .xml file onto the ISA 2004 box. When I
try to ping the ISA2004 box from any computer on the network (using both
name
name and/or IP address), it does not reply. But, from the ISA 2004 box, I
can ping any node on the network and get a response back. ISA 2004 box is
registered with internal DNS server. the ISA 2004 box's internal NIC
settings have valid IP and subnet addresses for the subnet, no default
gateway is entered (per Shinder's ISA 2004 book) and DNS settings are set
for
internal DNS server. Even when I disable the firewall server, I get no
response. Can anyone out there point me in the right direction?
- Follow-Ups:
- Re: Communication issue
- From: Phillip Windell
- Re: Communication issue
- References:
- Re: Communication issue
- From: Phillip Windell
- Re: Communication issue
- Prev by Date: ISA 2006 and internal routing...
- Next by Date: Re: VPN problem
- Previous by thread: Re: Communication issue
- Next by thread: Re: Communication issue
- Index(es):
Relevant Pages
|
Loading
