ISA 2004

Ive got all internal clients forwording to ISA 2004 then to the domains-web pages I want them to have access to
now I need to figure out how to connect my stores to this proxy
all store are external small networks with 4 or 5 machines
some have static ip and some don't
how can I get the proxy to allow external clients
I have my router already forwarded to the proxy and i can see the session in monitoring but it does not forword
to the domains I have set up!!
LVL 1
itguyrgAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

TannerManCommented:
Not sure I am following your intent here.

Are you wanting to allow your External (Internet connected) Branch Locations access to your private network located behind your ISA 2004 server?

You will need to setup either client to ISA vpn connections or Site to Site VPN connections.

Please clarify your needs and myself, or someone else on here may be able to get you in the right direction.
0
itguyrgAuthor Commented:
Im dont want to give them access to internal resorces
Im looking to just manage there Site surfing in IE
with this proxy just like they are internal users
0
Keith AlabasterEnterprise ArchitectCommented:
Some key points here.

1. ISA is not a router, regardless of what it says in the manual so this element needs to be dealt with by the routers themselves.
2. Are you running VPN's from your stores to your main office where the ISA is located? If so, what type of VPN are you using pptp or ipsec?
3. again, if yes, Have you created the VPN locations (in the VPN sections and enabled the client access list/rules?
4. What are you actually seeing in the monitoring - logging section?
0
itguyrgAuthor Commented:
I have one machine in each location that uses the windows VPN (pptp)
there are 3 or 4 machines that dont have vpn connections they just connect directly to the internet
the vpn connections are made with a cisco 3030 vpn concentrator


what I see in the monitoring session is a connection with external marked on it and a ip address of the client that is connecting and I have verified that it is my address

basically the idea here is it will be kind of a public proxy in a sense
not sure how safe it is or if it can even be done just testing everything at the moment

the only other option I have is to set up internet connection sharing with the VPN connection then I should be able to
route through the proxy

0
Keith AlabasterEnterprise ArchitectCommented:
                                          Internet
                                                |
                                        external Router
                                                |
                                           switch
                                           |       |
                         ---------------        ---------------
                        |                                            |
                    x.y.19.1                                   x.y.19.2
                   Cisco 3020                             ext firewall
                        |                                            |
 (dmz interface)  -------------  ISA server  --------  (external Interface)
                                                |
                                                |
                          --------------- LAN --------------------------

External users call in on the vpn concentrator. Put a rule on  ISA server that allows traffic from the DMZ (perimeter) to external and control as required.
                     
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.