Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 464
  • Last Modified:

Firewall client to SecureNAT client

We are running a Windows Server 2003 with ISA 2000 and currently have all of the client computers set up with the ISA Firewall Client software and a proxy set.  We would like to switch to a SecureNAT client without the proxy.  How do we go about doing something like that?  What is involved to switch on the server and on the workstations?

I am pretty sure that on the workstations you just have to take the Firewall client off, but I am not sure what to do on the server side.
0
sdrevs
Asked:
sdrevs
  • 2
1 Solution
 
Keith AlabasterCommented:
Remove the firewall clients. As long as the default gateway of the client is pointed at the internal nic of the ISA server you will become SecureNAT clients.
Do one user first (not the administrator) and make sure everything is still working. Are you removing the web proxy as well as the socks proxy?
There is no switch on the server to change.

What you will lose though is direct reference to Active Directory groups etc. Authentication issues will need to be addressed as you go.


Regards
Keith
0
 
sdrevsAuthor Commented:
After Removing the firewall client Internet did still work, however when I removed the proxy settings from IE the internet does not work yet.  What do you mean "you will lose direct reference to Active Directory groups"? What is an example of a scenario that that would be a problem.

The end result I would like is to be able to plug in a workstation without having to install a client or set a proxy but still have the server acting as a firewall, closing all unsecured ports.

Thanks.
0
 
Keith AlabasterCommented:
Only whereby you were using AD groups etc to limit traffic.

Youe will need to make IP filters for incoming/outgoing traffic sets.
0

Featured Post

Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now