Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Firewall client to SecureNAT client

Posted on 2006-06-13
5
Medium Priority
?
451 Views
Last Modified: 2013-11-16
We are running a Windows Server 2003 with ISA 2000 and currently have all of the client computers set up with the ISA Firewall Client software and a proxy set.  We would like to switch to a SecureNAT client without the proxy.  How do we go about doing something like that?  What is involved to switch on the server and on the workstations?

I am pretty sure that on the workstations you just have to take the Firewall client off, but I am not sure what to do on the server side.
0
Comment
Question by:sdrevs
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
5 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16897143
Remove the firewall clients. As long as the default gateway of the client is pointed at the internal nic of the ISA server you will become SecureNAT clients.
Do one user first (not the administrator) and make sure everything is still working. Are you removing the web proxy as well as the socks proxy?
There is no switch on the server to change.

What you will lose though is direct reference to Active Directory groups etc. Authentication issues will need to be addressed as you go.


Regards
Keith
0
 

Author Comment

by:sdrevs
ID: 16897215
After Removing the firewall client Internet did still work, however when I removed the proxy settings from IE the internet does not work yet.  What do you mean "you will lose direct reference to Active Directory groups"? What is an example of a scenario that that would be a problem.

The end result I would like is to be able to plug in a workstation without having to install a client or set a proxy but still have the server acting as a firewall, closing all unsecured ports.

Thanks.
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 2000 total points
ID: 16918061
Only whereby you were using AD groups etc to limit traffic.

Youe will need to make IP filters for incoming/outgoing traffic sets.
0

Featured Post

Introducing the WatchGuard 420 Access Point

WatchGuard's newest access point includes an 802.11ac Wave 2 chipset, providing the fastest speeds for VoIP, video and music streaming, and large data file transfers. Additionally, enjoy the benefits of strong security as the 3rd radio delivers dedicated WIPS protection!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question