first frontend backend firewall setup

I want to set up a frontend backend firewall setup for our company . The frontend firewall will be a sonicwall pro 2040 and the backend will be isa server 2000. I have the 2040 in place running as a frontend. I than put isa server behind it but when I enter the isa servers ip address in as my proxy I can't get to the internet. Is there something that I must do on the frontend firewall for sonicwall pro 2040  to be able to gain internet access and proxy it to the internal lan clients. Also let me tell you the physical setup I have the dsl connected to a switch the external interface of the sonicwall pro 2040  and the isa server is also connected to that switch. The isa box is using the external interface is using the ip address of astaro's internal interface as its gateway.
junioradmin55Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Nemesis-ServicesCommented:
you'll need to allow the isa server out via the firewall - so you'll need to put a rule on the sonicwall, something like this:

Click on Firewall > then Access Rules > then click Add

Action = Allow
Service = to start of with select: Any <then you can lock the rule down to suit your requirements>
Source:
Ethernet = LAN
Address Range Begin: ip address of isa server
Address Range End: ip address of isa server

Destination:
Ethernet = *
Address Range Begin: *
Address Range End: <leave blank>
Comment = Allow ISA Server Outbound Internet Access

then click OK

see how that goes for starters
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
junioradmin55Author Commented:
Thanks for the reply actually I just stared this job and I'm new to the entire dmz concept. Most dmz's I've set up in the past have been using 3 interfaces on a single firewall. I think I'm going to test this on my home lan before I implement it at work.So I would like to setup a test lab at home to practice setting up a a dmz. At home I have the following products isa server 2000 and 2004 astaro version 5 and also a netgear fvs318 router. I'm trying to decide if I should use the netgear on the frontend and isa 2004 on the backend or if I should use astaro on the front and isa server 2004 on the back. My internal lan will be 192.168.15 the wan will be my cable modem and the dmz will be 192.168.45. I would like to ask you about interface setup what default gaewats will i use for the setup.
0
Nemesis-ServicesCommented:
TheLearnedOne,

I believe I have answered junioradmin55 original question, which was 'to be able to gain internet access and proxy it to the internal lan clients'

Nemesis-Services
0
Nemesis-ServicesCommented:
thanks modulo
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.