Re: Routing across internal subnets

Hi James:

Unless you already own a copy of ISA server, this would get fairly pricy.
The ISA that comes with SBS 2003 Premium must be installed on the SBS.

Larry

"James Brubaker" <JamesBrubaker@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:A2F679F1-4B88-4776-883E-0DC6629C7460@xxxxxxxxxxxxxxxx
Thanks for all the comments, guys! My other option is installing ISA 2004
on
either one of the servers at the main location. One is SBS2003 (DC) and
the
other is Server2003.
Any other thoughts?

"Les Connor [SBS MVP]" wrote:

For site<>site VPN with hardware devices in place, Joe has it :-). Single
nic.

--
Les Connor [SBS MVP]


"Joe" <joe@xxxxxxxxxxxxxx> wrote in message
news:uvWb3B4BIHA.3716@xxxxxxxxxxxxxxxxxxxxxxx
James Brubaker wrote:
We have a gre tunnel between this main site and the remote sites on
our
Cisco routers in order to connect the separate subnets for the smaller
remote locations. Individual VPN's from each PC are not really
feasible,
and the sites do not have a servers set up to do VPN's just the
routers
that do the tunnel.

Our end goal is the following (for one location):

Remote Site - Cisco Router - Cisco Tunnel Endpoint (Remote) -
192.168.20.0 - 192.168.20.1 - 192.168.100.2 -

Cisco Tunnel Endpoint (Main Office) -Cisco Router - SBS Server
(External
Nic) - 192.168.100.1 - 10.10.10.1 -
10.10.10.2 -

SBS Server (Internal Subnet)
192.168.0.0

In essence, that the external 192.168.20.0 subnet can communicate with
the 192.168.0.0 Subnet.

Are thoughts are that we may need a 3rd NIC to do a static route
(although current configured static routes do not work), a Vlan in the
192.168.0.0 subnet on the Cisco Router, or possibly ISA.

Move the SBS to one NIC mode. SBS with two NICs, whether with ISA or
not,
is a firewall, and is specifically designed not to allow access to its
LAN
side from the 'outside'. You can open ports to allow access, but by the
time you've opened enough to allow workstations to operate with it,
there's absolutely no point in having two NICs.



.

Relevant Pages

  • Re: RWW Timing
    ... If you have installed ISA, ... Expand the server node and highlight ''Monitoring''. ... In the following website you can find many useful resources related to SBS ... Microsoft CSS Online Newsgroup Support ...
    (microsoft.public.windows.server.sbs)
  • Re: 2 NIC SBS2003R2 LAN/WAN Firewall Router Connection Failure
    ... I have to admit to a preference for VMWare Server which can only be ... I've asked the other SBS MVP's to comment on the current status of SBS ... I connected directly to the router and changed its LAN side subnet ...
    (microsoft.public.windows.server.sbs)
  • Re: DHCP Issues. Very strange
    ... default order of rule in ISA 2004. ... Windows SharePoint Services intranet site, ... server certificate on Web server name column and then click Next. ... This newsgroup only focuses on SBS technical issues. ...
    (microsoft.public.windows.server.sbs)
  • Re: SBS VPN setup?
    ... The 2-nic configuration is used when the SBS server will *also* act as your network's firewall. ... You purchase 2k3 PREMIUM and that comes with ISA to handle the firewall duties. ... To compare apples to apples, let us assume there is a network setup as I outlined above...and the firewall appliance is an ISA server, such as those available from Celestix. ...
    (microsoft.public.windows.server.sbs)
  • RE: ISA access rules, help
    ... please let me know whether you're using ISA 2000 or ISA 2004 ... (SBS SP0 or SBS SP1). ... the ISA server will not be used as a proxy server. ... Since SBS already used port 80, ...
    (microsoft.public.windows.server.sbs)