Re: Routing between branch office Site 3 site vpns
- From: "Phillip Windell" <philwindell@xxxxxxxxxxx>
- Date: Fri, 3 Aug 2007 13:47:00 -0500
I have no idea what you are asking or describing there.
--
Phillip Windell
www.wandtv.com
The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
"exchangerookie1994" <exchangerookie1994@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:B4A7FF84-0EC0-4049-93A9-801F66CF21CC@xxxxxxxxxxxxxxxx
Thanks for the response. I have a route rule setup between network, and I
have an access rule that allow all outbound trffic between networks. With
this configuration how does it know how to route where to send traffic for
remote VPN. May be a routing issue? Would RIP help?
Thanks again
"Phillip Windell" wrote:
ISA makes a very over-restrictive LAN router if you don't handle it
properly.
Nothing is allowed by default between "new" networks that you create on
the
ISA.
Every combination of "networks" needs to be accounted for in Access Rules
for the various network to communicate.
If you have:
1. Internal
2. External
3. VPN #1
4. VPN #2
And you create an Access Rule to handle VPN #1 to Internal and another
Rule
for VPN #2 to Internal,...that does not allow VPN #1 and VPN # to
communicate,...that requires another Access Rule for VPN #1 <--> VPN #2.
You can combine things in a single Access Rule,...but you have to
actually
do it,...it isn't automatic.
--
Phillip Windell
www.wandtv.com
The views expressed, are my own and not those of my employer, or
Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html
Troubleshooting Client Authentication on Access Rules in ISA Server 2004
http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc
Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp
Microsoft ISA Server Partners: Partner Hardware Solutions
http://www.microsoft.com/forefront/edgesecurity/partners/hardwarepartners.mspx
-----------------------------------------------------
"exchangerookie1994" <exchangerookie1994@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote
in
message news:965475AA-8504-4500-87C0-7C65F3C0926B@xxxxxxxxxxxxxxxx
We have 3 sites. Main site with ISA 2006 SE and 2 branch office sites
(sites
B and C) sites B and C have pix 501's configured with ipsec tunnel mode
to
ISA 2006 at main site.
Is there a way to transparently route traffic between 2 remote sites
without
setting up another tunnel between the 2 PIx 501's, Since both are vpn
into
ISA at main office?
Thanks for your time
.
- Follow-Ups:
- Re: Routing between branch office Site 3 site vpns
- From: exchangerookie1994
- Re: Routing between branch office Site 3 site vpns
- References:
- Re: Routing between branch office Site 3 site vpns
- From: Phillip Windell
- Re: Routing between branch office Site 3 site vpns
- Prev by Date: Re: Routing between branch office Site 3 site vpns
- Next by Date: Re: Routing between branch office Site 3 site vpns
- Previous by thread: Re: Routing between branch office Site 3 site vpns
- Next by thread: Re: Routing between branch office Site 3 site vpns
- Index(es):
Relevant Pages
|
Loading
