ISA 2006 web proxy scenario
- From: guardian911@xxxxxxxxx
- Date: 15 May 2007 08:42:40 -0700
I have the following ISA 2006 configuration: 4 ISA 2006 Standard
Editions servers, each with 2 NICs (External and Internal) in
workgroup mode. The 4 servers are in 2 separate DMZ's - see below.
Internet->PIX-> ISA2006 external array (DMZ) -> Internal network <-
ISA2006 internal array (DMZ) <-Internal users
I would like to consolidate this configuration by removing the ISA2006
internal array and having all traffic handled by the external array.
However, this has to happen without internal traffic being routed to
the Internet.
I've considered a couple of options but would like someone's feedback
on their viability:
option #1 - Create a 3rd NIC in the ISA array and route all requests
for the published servers through that NIC. I'm not sure if this will
work or if I need to use a NAT relationship.
option #2 - Add a 2nd external interface on the PIX. NAT all internal
user traffic destined to the published servers through the PIX's 2nd
external interface which in turn will forward that to ISA's external
interface.
Will either of these work and if not, what are the better options that
I am missing?
Thanks,
Paul
.
- Follow-Ups:
- Re: ISA 2006 web proxy scenario
- From: Phillip Windell
- Re: ISA 2006 web proxy scenario
- Prev by Date: wpad.dat (proxy.pac) rules question
- Next by Date: Re: wpad.dat (proxy.pac) rules question
- Previous by thread: wpad.dat (proxy.pac) rules question
- Next by thread: Re: ISA 2006 web proxy scenario
- Index(es):
Relevant Pages
|
Loading
