[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now


ISA 2004

Posted on 2006-03-30
Medium Priority
Last Modified: 2013-11-16
Ive got all internal clients forwording to ISA 2004 then to the domains-web pages I want them to have access to
now I need to figure out how to connect my stores to this proxy
all store are external small networks with 4 or 5 machines
some have static ip and some don't
how can I get the proxy to allow external clients
I have my router already forwarded to the proxy and i can see the session in monitoring but it does not forword
to the domains I have set up!!
Question by:itguyrg
  • 2
  • 2

Expert Comment

ID: 16334244
Not sure I am following your intent here.

Are you wanting to allow your External (Internet connected) Branch Locations access to your private network located behind your ISA 2004 server?

You will need to setup either client to ISA vpn connections or Site to Site VPN connections.

Please clarify your needs and myself, or someone else on here may be able to get you in the right direction.

Author Comment

ID: 16334280
Im dont want to give them access to internal resorces
Im looking to just manage there Site surfing in IE
with this proxy just like they are internal users
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16335070
Some key points here.

1. ISA is not a router, regardless of what it says in the manual so this element needs to be dealt with by the routers themselves.
2. Are you running VPN's from your stores to your main office where the ISA is located? If so, what type of VPN are you using pptp or ipsec?
3. again, if yes, Have you created the VPN locations (in the VPN sections and enabled the client access list/rules?
4. What are you actually seeing in the monitoring - logging section?

Author Comment

ID: 16335824
I have one machine in each location that uses the windows VPN (pptp)
there are 3 or 4 machines that dont have vpn connections they just connect directly to the internet
the vpn connections are made with a cisco 3030 vpn concentrator

what I see in the monitoring session is a connection with external marked on it and a ip address of the client that is connecting and I have verified that it is my address

basically the idea here is it will be kind of a public proxy in a sense
not sure how safe it is or if it can even be done just testing everything at the moment

the only other option I have is to set up internet connection sharing with the VPN connection then I should be able to
route through the proxy

LVL 51

Accepted Solution

Keith Alabaster earned 1000 total points
ID: 16335930
                                        external Router
                                           |       |
                         ---------------        ---------------
                        |                                            |
                    x.y.19.1                                   x.y.19.2
                   Cisco 3020                             ext firewall
                        |                                            |
 (dmz interface)  -------------  ISA server  --------  (external Interface)
                          --------------- LAN --------------------------

External users call in on the vpn concentrator. Put a rule on  ISA server that allows traffic from the DMZ (perimeter) to external and control as required.

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses
Course of the Month19 days, 7 hours left to enroll

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question