Set Static NAT on ISA Server

Hi,

Anyone knows how to set a static NAT on an ISA server?

Eventually I need that my ISP will have access an inbound router using a public IP address that is statically translated to an inbound IP address...

I hope I'm clear since I'm really new to this area

10x

DNeeBrkr
dneebrkrAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Dmitri FarafontovLinux Systems AdminCommented:
You can confire your NIC card with a static IP adress. :-)
Dmitri FarafontovLinux Systems AdminCommented:
You can than configure the default gateway as your router on the same settings.
dneebrkrAuthor Commented:
DeltaFire

The NIC is set with a static address.
If I understood right, I need to configure the default gateway (the machine with the ISA firewall on it) as a router ??? How?
How would it contribute to the scenario I described in the beginning of this post?

10x

DNee
Your Guide to Achieving IT Business Success

The IT Service Excellence Tool Kit has best practices to keep your clients happy and business booming. Inside, you’ll find everything you need to increase client satisfaction and retention, become more competitive, and increase your overall success.

Phil_AgcaoiliCommented:
On your ISA server, you set the IP on the NIC card for both the internal NIC and external NIC cards.

The ISA server's default gateway is the IP address of your ISP's router (they should give this to you).

On your client PCs, their default gateway is the internal IP address of your ISA server.

Here's a diagram:

Internet---ISP router---external NIC of ISA server---ISA server---internal NIC of ISA server----a client on your network

Hope this helps.
Phil_AgcaoiliCommented:
I forgot to mention that your "external NIC of ISA server" will be the public IP address that your ISP gives you.
dneebrkrAuthor Commented:
Phil_Agcaoili ,

I have 2 NICs on my ISA server. One is set with an external public IP address and the other is set with internal. So far exactly as you described.
I have 2 routers. one is dedicated for internet connection and the other also with an external IP address is dedicated to our companies WAN over MPLS (IPVPN) connecting our branches. Since the latter cannot be accessed not from the MPLS cloud by our ISP I need to configure a static NAT.
My researches so far resulted that ISA 2000 is not suit with a built in static NAT module but 'Server Publishing' can provide a similar solution, again I'm quite a newbie.
Next week I have an appointment with an IT expert how will walk me through this process.
I'll let you know what came up

10x

DNeeBRkr
Phil_AgcaoiliCommented:
You want to close this question out, as your Consultant should be able to get working a solution for you.

ISA server isn't the normal people go about this.  Today, most people opt for a hardware firewall such as a PIX, Nokia-Check Point, or Juniper-Netscreen appliance.
dneebrkrAuthor Commented:
Dear Experts,

Thank you!

I managed to solve the problem using ISA 2000 Server Publishing module like I mentioned. (After adding the external IP address to the NIC's list)
It's described on:
http://www.microsoft.com/resources/documentation/isa/2000/enterprise/proddocs/en-us/isadocs/cmt_h_reverseaction.mspx

Make sure you backup your array first:
http://www.microsoft.com/resources/documentation/isa/2000/enterprise/proddocs/en-us/isadocs/cmt_h_backup.mspx



moduloCommented:
Closed, 100 points refunded.
modulo
Community Support Moderator

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
OS Security

From novice to tech pro — start learning today.