general question on design options
- From: "David" <nospam@xxxxxxxxxx>
- Date: Tue, 2 Oct 2007 12:56:16 -0400
current infrastructure (with respect to internet connection and VPN) is
based on ISA 2000. I'm looking to change internet providers to a T1 service
and incorporate a Cisco device as the outer most edge device of my network,
instead of the ISA server. I want to keep the ISA server for its
proxy/caching and windows user-based control features.
what arrangement options do I have for this?
The first one that comes to mind is to have the Cisco device simply route
(with public IP on both external and internal facing interfaces) and ISA
would continue to have public IP on cisco facing interface and private IP on
internal facing interface. In this scenario ISA would just continue doing
what its doing (VPN server, Firewall, NAT, with several port forwarding
rules). Anything wrong with that scenario?
What if I want to add the cisco device and utilize it as another layer of
security rather than simply a router? How might that work?
final question: (this is a stupid question but even though I'm trying I
can't stop myself from asking): ISA can't have IP addresses from the same
private subnet on both interfaces and still provide proxy services right?
.
- Follow-Ups:
- Re: general question on design options
- From: Phillip Windell
- Re: general question on design options
- Prev by Date: Re: urgent problem plz help
- Next by Date: Re: general question on design options
- Previous by thread: Compressing ISA Logfiles
- Next by thread: Re: general question on design options
- Index(es):
Relevant Pages
|
