Re: How to add static routes to ISA Server

Hi,

according to what I am trying to achieve is the following:

"3 static routes, one per remote location, will need to be added to the
firewall at 10.10.250.1 pointing to the CE device 10.10.250.2 as the
next hop address."


To achieve that I have done the following:

1) created persistant routes using the route command

i.e


route -p add 10.10.247.254 mask 255.255.255.255 10.10.250.2
route -p add 192.168.10.1 mask 255.255.255.255 10.10.250.2
route -p add 192.168.1.1 mask 255.255.255.255 10.10.250.2


2) defined p2, p3, p4 as networks [based on their IP ranges]

http://www.box.net/shared/y5d6bzbbsj

//corrected that to have from 0 to 255, not from
1 to 254.


http://www.box.net/shared/y5d6bzbbsj


3) created the network rules

http://www.box.net/shared/1gcophgahv

http://www.box.net/shared/qqpua6z7ty

http://www.box.net/shared/l6gppmfrf1


4) created the access rules for the networks

http://www.box.net/shared/dy25yk0qyl



However, from my basic understanding no where are we defining on the isa
server that if its for 192.168.10.2 (eg network destionation p3) then please
route this to 10.10.250.2

as what the above statement seems to imply?


How do we do that in ISA?

Thanks



"Nick Domukhovsky" wrote:

2) then defining the network for p2

see http://www.box.net/shared/y5d6bzbbsj
If you do not want to receive ISA warnings, make from 0 to 255, not from
1 to 254.


3) made the network rules


http://www.box.net/shared/1gcophgahv

http://www.box.net/shared/qqpua6z7ty

http://www.box.net/shared/l6gppmfrf1

what i am not sure about is ... Since its private vpn ... is it supposed to
be a route relationship or NAT?
If you want to make your VPN clients like internal users, you can simply
add p2 network object to existing network rules ("VPN clients to
internal network" and "Internet access") so your VPN clients will be
routed to internal and NATed to external. Of course, in "Internet
access" rule you should add p2 as source network.



--
With best regards
Nickolay Domukhovsky, MCSA

.

Relevant Pages

  • Re: One computer on 2 networks
    ... On the server take the new "internet Nic" and set it up properly for the ... Create a static route in the OS's routing table that uses the LAN Router ... don't work in the Network Admin Dept. I'm a developer. ...
    (microsoft.public.windows.server.networking)
  • Re: One computer on 2 networks
    ... don't work in the Network Admin Dept. I'm a developer. ... I am working on a project where we need to expose to the internet the ... a Web Server, VPN Server, Remote Desktop. ... So the correct route add syntax would be: ...
    (microsoft.public.windows.server.networking)
  • Re: Weird net connection problem
    ... Lets say that you have your own /24 network that ... The internet knows nothing. ... my sloppy writing - I mean the set of routers that go to make up ... for the high-speed route from the Tunnel to St Pancras not only cut the ...
    (uk.comp.sys.mac)
  • Re: [ubuntu-za] network problem
    ... i was having troble with my network, but i could conect to the ... when i rebooted i could not connect to the internet:< ... You can type "route" at the ... I think) to see which interface is used to send information out. ...
    (Ubuntu)
  • Re: How to add static routes to ISA Server
    ... I think that the route add should be: ... you want it to represent the whole network and also the subnet should be ... If you want to make your VPN clients like internal users, ... internal network" and "Internet access") so your VPN clients will be ...
    (microsoft.public.isa)