Port forwarding (rerouting) with ISA server

From: Kris Houben (kris_at_hypersoft.be)
Date: 03/04/04


Date: Thu, 04 Mar 2004 00:15:03 GMT

Hello,

I have a question about port forwarding with ISA server. I am using the
following setup: a Cisco ADSL router with a fixed IP address (212.233.1.34)
connected to the internet. An ISA server (Win 2K3) with 2 NICs, one
external NIC connected to the router (IP 192.168.0.1) and one internal NIC
connected to the internal network (IP 10.0.0.1). On the ISA server, an
application is installed listening on port 99. In the router, a port
forwarding rule is configured so that all traffic for port 99 is forwarded to
the IP address 192.168.0.1 (this is the external NIC of the ISA server).

So when a client on the internet (outside the internal network) tries to
connect to the server using IP 212.233.1.34 on port 99, everything works
fine (the packets get forwarded to 192.168.0.1 on port 99, so the
application running on the server will respond).

Now I have a problem when a client installed on the internal network (for
example, a PC with IP 10.0.0.2) tries to connect to the IP 212.233.1.34 on port
99. In this case the port is not forwarded to the 192.168.0.1 address of the
ISA server. (A trace tells me the packets are delivered through the
192.168.0.1 IP address to the 192.168.0.10 internal address of the router, but
are not forwarded to the 192.168.0.1 address again. It seems that packets
delivered to the router on the internal IP address of the router, which have
as destination address the external address of that same router, are not
forwarded by the rules programmed in the router. I have noticed this kind of
behavior with other types and brands of routers as well. Perhaps port
forwarding rules apply only to traffic arriving on the external WAN port of
the router.)

So now I am looking for a way to reroute the internal traffic destined
for the external IP of the router to the internal IP of the ISA server, and
would like to know if this is possible with ISA server, and if so, how to
set it up.

The idea is that all traffic arriving on the internal NIC of the ISA
server which has as destination IP address the external IP of the router (IP
212.233.1.34) needs to be forwarded to IP 10.0.0.1. So traffic on port 99
from 10.0.0.x (subnet 255.255.255.0) arriving at the internal NIC of the ISA
server with destination IP address 212.233.1.34 needs to be forwarded to IP
10.0.0.1 on port 99. In this case the application on the ISA server on port
99 can reply.

Client PC ---------- ISA server ------------------- Router (CISCO 831)
                     Internal NIC   External NIC    Internal IP    External IP
10.0.0.2             10.0.0.1       192.168.0.1     192.168.0.10   212.233.1.34

                     (application listening on port 99)
                                    <----------- (forwarding rule : port 99 to 192.168.0.1)

Side note :

All the client applications (installed on the client PCs) need to have as
connecting IP address the external IP of the router (this is 212.233.1.34,
port 99). It is not possible to change this IP address (for clients on the
internal network to 10.0.0.1). This solution would work, but most of these
clients are installed on notebooks, which need to work on the internal
network as well as outside the internal network, on the internet. (And it is not
possible for a user to change the IP address in the client software; no access
rights.)

Setting up a VPN connection is not an option.

All help would be welcome.

Thanks,

Kris Houben
HyperSoft
Belgium
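
The packet paths described in this post, modelled as an added example (not part of the original post, and not ISA Server or Cisco configuration). It assumes the poster's hypothesis that the router's forwarding rule is bound to its WAN interface, and that the ISA server source-NATs outbound internal traffic to 192.168.0.1; `DnatRule`, `deliver` and the interface names are hypothetical.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int

@dataclass(frozen=True)
class DnatRule:
    in_iface: str    # interface the rule is bound to
    src_net: str     # only sources in this network match
    match_dst: str   # original destination address
    dport: int
    new_dst: str     # rewritten destination address

    def apply(self, pkt, iface):
        hit = (iface == self.in_iface and pkt.dst == self.match_dst
               and pkt.dport == self.dport
               and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src_net))
        return Packet(pkt.src, self.new_dst, pkt.dport) if hit else pkt

INTERNAL_NET = ipaddress.ip_network("10.0.0.0/24")
ISA_ADDRS = {"10.0.0.1", "192.168.0.1"}
# Existing router rule from the post: port 99 -> 192.168.0.1 (assumed WAN-only).
ROUTER_FORWARD = DnatRule("wan", "0.0.0.0/0", "212.233.1.34", 99, "192.168.0.1")
# Rule the poster asks for: scoped to the internal NIC, the 10.0.0.x subnet
# and port 99, so it cannot rewrite traffic from any other interface or source.
ISA_REDIRECT = DnatRule("internal", "10.0.0.0/24", "212.233.1.34", 99, "10.0.0.1")

def deliver(pkt, isa_rules=()):
    """Return 'isa-app' if the packet reaches the listener, else 'not-forwarded'."""
    router_iface = "wan"
    if ipaddress.ip_address(pkt.src) in INTERNAL_NET:
        # Internal client: the packet reaches the ISA internal NIC first.
        for rule in isa_rules:
            pkt = rule.apply(pkt, "internal")
        if pkt.dst in ISA_ADDRS and pkt.dport == 99:
            return "isa-app"
        # Otherwise ISA sends it out the external NIC (source NAT, assumed),
        # so it arrives on the router's LAN side, not its WAN side.
        pkt = Packet("192.168.0.1", pkt.dst, pkt.dport)
        router_iface = "lan"
    pkt = ROUTER_FORWARD.apply(pkt, router_iface)
    if pkt.dst in ISA_ADDRS and pkt.dport == 99:
        return "isa-app"
    return "not-forwarded"
```
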


