Re: No rule application !!!
- From: "Yann" <Yann@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 8 Dec 2005 10:57:02 -0800
i think it's not what i meant i use the pix to do NAT on same ip address and
the ISA to route the network coming from the pix.
It means :
Internal Network --> PIX "NAT" --> ISA --> Server to reach
------'C'----------- --> ----------'A'----> -----------'B'-----------
and 'C' to 'B' doesn't work !!!
Thx
"Phillip Windell" wrote:
> You are trying to use the PIX and the ISA as if they were LAN Routers.
> They are not LAN Routers,...forget it.
>
> You would have to replace both the ISA and the PIX with a LAN Router. All
> three networks would have to run compatible addrressing, probably RFC
> Private, and all three networks would be "equal" and "trusted".
>
> The ISA, or PIX, or both,...would go at the "network edge" where it meets
> the Internet and would have nothing to do with the three LAN Segments
> communicating with each other.
>
> --
> Phillip Windell [MCP, MVP, CCNA]
> www.wandtv.com
> -----------------------------------------------------
> Understanding the ISA 2004 Access Rule Processing
> http://www.isaserver.org/articles/ISA2004_AccessRules.html
>
> Microsoft Internet Security & Acceleration Server: Guidance
> http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
> http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp
>
> Microsoft Internet Security & Acceleration Server: Partners
> http://www.microsoft.com/isaserver/partners/default.asp
>
> Deployment Guidelines for ISA Server 2004 Enterprise Edition
> http://www.microsoft.com/technet/prodtechnol/isa/2004/deploy/dgisaserver.mspx
> -----------------------------------------------------
>
>
>
> "Yann" <Yann@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> news:34C90BB8-4E6A-42AC-8EB8-D547B1156620@xxxxxxxxxxxxxxxx
> > Hello all,
> >
> > I have a little issue with ISA Server, my topology is the following : ISA
> > Server with 2 NIC's one on network 'A' and one on network 'B' i have a
> third
> > newtok behind a PIX 525 which i will call network 'C' and the PIX is on
> the
> > network 'A' too.
> > What i can't do is to ping a server in network 'B' from network 'C' i
> > checked all my network defined on ISA so network 'C' to network 'B' is
> routed
> > by ISA, i also checked all the ISA policies so all outbound traffic from
> > network 'C' to network 'B' the same from 'B' to 'C' so when i ping i see
> > traffic coming from 'C' to 'B' with denied connection and in the rule
> column
> > i don't see anything applied i thought the default rule was at list
> applied
> > but nothing.
> > additionnaly, the 'C' network coming from the PIX is translated as 'C' on
> > the 'A' Network.
> > Many thanks for your help ?
> >
> >
>
>
>
.
- Prev by Date: Re: No domain users
- Next by Date: VPN thru ISA 2004 to external sites
- Previous by thread: Re: Firewall override proxy ??
- Next by thread: Re: No rule application !!!
- Index(es):
Relevant Pages
|
