Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


first frontend backend firewall setup

Posted on 2004-11-22
Medium Priority
Last Modified: 2013-11-16
I want to set up a frontend backend firewall setup for our company . The frontend firewall will be a sonicwall pro 2040 and the backend will be isa server 2000. I have the 2040 in place running as a frontend. I than put isa server behind it but when I enter the isa servers ip address in as my proxy I can't get to the internet. Is there something that I must do on the frontend firewall for sonicwall pro 2040  to be able to gain internet access and proxy it to the internal lan clients. Also let me tell you the physical setup I have the dsl connected to a switch the external interface of the sonicwall pro 2040  and the isa server is also connected to that switch. The isa box is using the external interface is using the ip address of astaro's internal interface as its gateway.
Question by:junioradmin55
  • 3

Accepted Solution

Nemesis-Services earned 260 total points
ID: 12644705
you'll need to allow the isa server out via the firewall - so you'll need to put a rule on the sonicwall, something like this:

Click on Firewall > then Access Rules > then click Add

Action = Allow
Service = to start of with select: Any <then you can lock the rule down to suit your requirements>
Ethernet = LAN
Address Range Begin: ip address of isa server
Address Range End: ip address of isa server

Ethernet = *
Address Range Begin: *
Address Range End: <leave blank>
Comment = Allow ISA Server Outbound Internet Access

then click OK

see how that goes for starters

Author Comment

ID: 12664608
Thanks for the reply actually I just stared this job and I'm new to the entire dmz concept. Most dmz's I've set up in the past have been using 3 interfaces on a single firewall. I think I'm going to test this on my home lan before I implement it at work.So I would like to setup a test lab at home to practice setting up a a dmz. At home I have the following products isa server 2000 and 2004 astaro version 5 and also a netgear fvs318 router. I'm trying to decide if I should use the netgear on the frontend and isa 2004 on the backend or if I should use astaro on the front and isa server 2004 on the back. My internal lan will be 192.168.15 the wan will be my cable modem and the dmz will be 192.168.45. I would like to ask you about interface setup what default gaewats will i use for the setup.

Expert Comment

ID: 13119891

I believe I have answered junioradmin55 original question, which was 'to be able to gain internet access and proxy it to the internal lan clients'


Expert Comment

ID: 13181307
thanks modulo

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Tech spooks aren't just for those who are tech savvy, it also happens to those of us running a business. Check out the top tech spooks for business owners.
LinkedIn blogging is great for networking, building up an audience, and expanding your influence as well. However, if you want to achieve these results, you need to work really hard to make your post worth liking and sharing. Here are 4 tips that ca…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

577 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question