Re: SBS - ISA and Hardware firewall???

Tech-Archive recommends: Fix windows errors by optimizing your registry

NAH, best setup here would be 3 legged FireBox+ISA with 2 NICs. ISA external
to firebox DMZ, SBS/ISA internal to FB internal, SBS as LAN gateway. RWW to
SBS, VPN to FB.

I wouldn't design a new system this way but having all the bits already I'd
do it.

FireBox 'more than ISA', PAHHH!!!

"Leythos" <void@xxxxxxxxxxx> wrote in message
news:MPG.21673c3363d2160d9899cd@xxxxxxxxxxxxxxxxxxxx
In article <uC3LKIhAIHA.3400@xxxxxxxxxxxxxxxxxxxx>,
unknownmailbox@xxxxxxxxxxx says...
Yes, it is a Watchguard Firefox. Great piece of equipment imo. I just
wish
that it could have been configured to work with a 2 nic server giving
that
extra enhanced security with a firewall on each side of the server. I
thank
both you and Lanwench for your assistance on giving a second opinion. I'm
fairly new to the server world (only been working in the server realm
since
spring) so I'm still educating myself and always am always seeking out
the
best configuration. Once again thanks for your help.

Actually, the firebox is more than ISA and it's not likely to cause you
to screw up and compromise your network. What I mean is that with ISA
and the Firebox, there is nothing keeping you from setting it up like
that (using both) but you're going to have to make rules to account for
TWO firewalls and that's more likely going to cause you to have to
"Try" something to get something to work that would not normally be an
issue.

If you have issues with the firebox post here and I'll try and help,
I've got about 80 of them in the field currently.

As for best setup - Single NIC, firewall appliance, use VPN into
firewall, no VPN to SBS, and then use RWW where possible or TS.

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@xxxxxxxxxx (remove 999 for proper email address)


.

Relevant Pages

  • Re: Cannot connect through ISA Server to www.microsoft.com, but can connect via IP address
    ... NICs at GB speed. ... So what happens when the server and the workstations are on the same ... Les Connor [SBS MVP] ... PMTU that ISA Server installation disabled. ...
    (microsoft.public.windows.server.sbs)
  • Re: SBS R2 ISA2004 Dark Arts
    ... I suspect you need to be over in the ISA forum. ... Folks that try to do three nics don't ... I have 4 NICS in the SBS 2003 R2 server. ... Right now the front firewall is not an ISA ...
    (microsoft.public.windows.server.sbs)
  • Re: SBS 1002 Premium R2 Mangling Port Issues
    ... I will leave ISA out of the equation in that case. ... NIC or 2 NICs) did you finally end up with? ... the WAN NIC so there's only one NIC in the SBS (and then re-run CEICW ... port forward 8016 to the "external" SBS NIC IP ...
    (microsoft.public.windows.server.sbs)
  • Re: SBS 2003 + TS. HELP needed URGENTLY please!
    ... matter) about the routing table the ISA client will be intercepting calls. ... even without the ISA client on the TS (and depending on use it may ... SBS remote support services. ... The SBS server has 2 nics configured with ISA and a public IP I shall ...
    (microsoft.public.windows.server.sbs)
  • Re: SBS 1002 Premium R2 Mangling Port Issues
    ... If you have a decent hardware firewall/router now, ISA ... NIC or 2 NICs) did you finally end up with? ... the WAN NIC so there's only one NIC in the SBS (and then re-run CEICW ... port forward 8016 to the "external" SBS NIC IP ...
    (microsoft.public.windows.server.sbs)