Re: Problem redirecting traffic from remote site into main
- From: "Johan Engdahl" <johan@xxxxxxxxxxxx>
- Date: Thu, 8 Feb 2007 11:07:32 +0100
Have you set up a network routerule to the remote network ?
To avoid spoofing issues you must let the ISA accept packets originating
from the remote network on it´s internal interface
How about NAT for the remote network on the ISA external interface ?
And ofcourse check the rulebase for suitable accessrules
--
----------------------------------------------------------------------------------------------------------------------------
Johan Engdahl
CCSA, CCSE, CCA, MCP | johan AT firewall1 DOT nu | http://www.firewall1.nu
"nabla" <nabla@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:27023A19-0C7A-49E4-8280-C933494F4D34@xxxxxxxxxxxxxxxx
Hi folks,
We have 2 sites with ISA 2006, they are connected through a MPLS and only
one has a direct Internet access.
Let us call site A, the main and B the remote. All traffic from B internal
and external is sent down through IPSEC tunnel (routed). The plan was to
have
ISA on site A routing the internal traffic and NATing the external part
(for
both sites).
External traffic is limited to a few hosts (mail servers and a http
filtering service),
so including internet traffic in the tunnel is possible with our private
IP
ranges.
Intersite traffic works great.
The problem is that we have been unable to setup network rules (on site A)
to allow access from both sites to the external hosts (at the same time).
We have no trace of filtering issues, the packets simply vanishe whitout
any
trace. So it seems to be a network rule issue
Any idea ?
.
- Follow-Ups:
- Prev by Date: Re: Norton AV blocks VPN
- Next by Date: Re: Problem redirecting traffic from remote site into main
- Previous by thread: Re: HTTP problem in Site-to-site VPN
- Next by thread: Re: Problem redirecting traffic from remote site into main
- Index(es):
Relevant Pages
|
