[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

ISA 2004 in a back to back Scenario

Posted on 2006-06-22
3
Medium Priority
?
259 Views
Last Modified: 2013-11-16
Hello,

I am in the process of setting up a Perimeter Network with Isa 2004 is a back to back environment. First, the front server is in a workgroup and the back server is a domain member. Before I  installed ISA 2004 i could ping the back server from a domain machine and from the machine that i intend to use as the front server. now i cannot. And because i am installing the enterprise edition, we need a configuration Storage server. i have setup the domain member server as the CS server. but because i cannot ping the server with the ip address of the FQDN i cannot install the isa server services on the front box.

Can some one offer me some insight as to what i am not doing properly please?


0
Comment
Question by:kiddkapurcjw
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 7

Accepted Solution

by:
Kumar_Jayant123 earned 1500 total points
ID: 16966569
Hi,

By default once you install the ISA server 2004 EE or SE it will break all the communication from Internal as well as External Network.

Lets say you have a setup like

Internal(Storage Server)----Back ISA--------DMZ------Front ISA------Internet

Now since the Back ISA has blocked all the traffic you cannot connect the storage server. Moreover the Front ISA will be on the External network of the front ISA server.

Best way would be:
1. Create a computer set and put in the Internal IP of the Front ISA server.
2. Allow all traffic from the computer set upi created to the Storage server.
3. Now once you are through with the Installation of the ISA servers than apply the templet.

One important thing, since the Back ISA server is a part of the Domain you might need to create a rule to allow all traffic from Localhost to Internal.

Hope this helps
Kumar
0
 

Author Comment

by:kiddkapurcjw
ID: 16975238
I have done this. I created a host record for the backend firewall and statically added a route on the front end firewall to the internal network. I can ping the CSS server and the Backend proxy from the front end but when i try to install the isa on to the frontend box, it cannot located the CSS server.
0
 

Author Comment

by:kiddkapurcjw
ID: 16990606
ok guys, i have just gone for the standard version instead
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

What's worse than having your data encrypted by ransomware? Getting attacked by a so-called "wiper," which simply destroys the data and offers you no hope of ever seeing it again.
This article covers the basics of data encryption, what it is, how it works, and why it's important. If you've ever wondered what goes on when you "encrypt" data, you can look here to build a good foundation for your personal learning.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question