Re: policy based routing
- From: "Will" <westes-usc@xxxxxxxxxxxxxx>
- Date: Thu, 17 Apr 2008 18:33:38 -0700
"Vassilis Sotirchenas" <VassilisSotirchenas@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote
in message news:4FED8F47-1EE6-4D6C-89B6-E58A57728D7C@xxxxxxxxxxxxxxxx
I have an ISA 2006 Enterprise edition with 3 NICS. one is to my internal
clients, one is to ISP1 and the other is to ISP2. I want to be able to
route
some clients to ISP1 and others to use ISP2. I also want some flexibility
in
this, so I can quickly change the routing when I feel like it. Also,
policy
based routing on protocol used (ftp, http, etc.) would be cool too. As a
newbie to ISA i know little of its capabilities.
can it do this sort of thing?
if yes, how?
any pointers to the docs greatly appreciated.
The way this could be solved would be to put a simple firewall that is
capable of source routing in front of ISA and then route all of your
outgoing connections to that box. Then enter the source routes there
directly.
Depending on your circumstance, if each "client" represents for example a
different customer of your ISP network, then you might think of separating
them onto different subnets behind ISA, and then setting up your source
routes based on subnet rather than specific IP.
A box I really like is the Fortinet Fortigate. If you don't need their
yearly services for anti-virus, etc, the entry level models can be picked up
extremely cheap. It appears to do source routing competently, and some of
their entry level boxes have an explicit provision for dual WAN connections.
But, alas, as Phil says ISA by itself doesn't solve that problem.
--
Will
.
- Prev by Date: Re: Best Practice for Using MVPS HOSTS File on ISA Server?
- Next by Date: Cannot access a website through ISA 2004
- Previous by thread: Allowing VPN Clients HTTPS Access through ISA 2006 NLB Array
- Next by thread: Cannot access a website through ISA 2004
- Index(es):
Relevant Pages
|
