Solved

ISA 2004 in a back to back Scenario

Posted on 2006-06-22
3
247 Views
Last Modified: 2013-11-16
Hello,

I am in the process of setting up a Perimeter Network with Isa 2004 is a back to back environment. First, the front server is in a workgroup and the back server is a domain member. Before I  installed ISA 2004 i could ping the back server from a domain machine and from the machine that i intend to use as the front server. now i cannot. And because i am installing the enterprise edition, we need a configuration Storage server. i have setup the domain member server as the CS server. but because i cannot ping the server with the ip address of the FQDN i cannot install the isa server services on the front box.

Can some one offer me some insight as to what i am not doing properly please?


0
Comment
Question by:kiddkapurcjw
  • 2
3 Comments
 
LVL 7

Accepted Solution

by:
Kumar_Jayant123 earned 500 total points
ID: 16966569
Hi,

By default once you install the ISA server 2004 EE or SE it will break all the communication from Internal as well as External Network.

Lets say you have a setup like

Internal(Storage Server)----Back ISA--------DMZ------Front ISA------Internet

Now since the Back ISA has blocked all the traffic you cannot connect the storage server. Moreover the Front ISA will be on the External network of the front ISA server.

Best way would be:
1. Create a computer set and put in the Internal IP of the Front ISA server.
2. Allow all traffic from the computer set upi created to the Storage server.
3. Now once you are through with the Installation of the ISA servers than apply the templet.

One important thing, since the Back ISA server is a part of the Domain you might need to create a rule to allow all traffic from Localhost to Internal.

Hope this helps
Kumar
0
 

Author Comment

by:kiddkapurcjw
ID: 16975238
I have done this. I created a host record for the backend firewall and statically added a route on the front end firewall to the internal network. I can ping the CSS server and the Backend proxy from the front end but when i try to install the isa on to the frontend box, it cannot located the CSS server.
0
 

Author Comment

by:kiddkapurcjw
ID: 16990606
ok guys, i have just gone for the standard version instead
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

By this time the large percentage of day-to-day transactions have shifted to mobile banking; here are some overriding areas QAs must investigate while testing mobile banking apps.  
Find out what Office 365 Transport Rules are, how they work and their limitations managing Office 365 signatures.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now