Solved

ISA 2004 in a back to back Scenario

Posted on 2006-06-22
3
248 Views
Last Modified: 2013-11-16
Hello,

I am in the process of setting up a Perimeter Network with Isa 2004 is a back to back environment. First, the front server is in a workgroup and the back server is a domain member. Before I  installed ISA 2004 i could ping the back server from a domain machine and from the machine that i intend to use as the front server. now i cannot. And because i am installing the enterprise edition, we need a configuration Storage server. i have setup the domain member server as the CS server. but because i cannot ping the server with the ip address of the FQDN i cannot install the isa server services on the front box.

Can some one offer me some insight as to what i am not doing properly please?


0
Comment
Question by:kiddkapurcjw
  • 2
3 Comments
 
LVL 7

Accepted Solution

by:
Kumar_Jayant123 earned 500 total points
ID: 16966569
Hi,

By default once you install the ISA server 2004 EE or SE it will break all the communication from Internal as well as External Network.

Lets say you have a setup like

Internal(Storage Server)----Back ISA--------DMZ------Front ISA------Internet

Now since the Back ISA has blocked all the traffic you cannot connect the storage server. Moreover the Front ISA will be on the External network of the front ISA server.

Best way would be:
1. Create a computer set and put in the Internal IP of the Front ISA server.
2. Allow all traffic from the computer set upi created to the Storage server.
3. Now once you are through with the Installation of the ISA servers than apply the templet.

One important thing, since the Back ISA server is a part of the Domain you might need to create a rule to allow all traffic from Localhost to Internal.

Hope this helps
Kumar
0
 

Author Comment

by:kiddkapurcjw
ID: 16975238
I have done this. I created a host record for the backend firewall and statically added a route on the front end firewall to the internal network. I can ping the CSS server and the Backend proxy from the front end but when i try to install the isa on to the frontend box, it cannot located the CSS server.
0
 

Author Comment

by:kiddkapurcjw
ID: 16990606
ok guys, i have just gone for the standard version instead
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
A company’s greatest vulnerability is their email. CEO fraud, ransomware and spear phishing attacks are the no1 threat to a company’s security. Cybercrime is responsible for the largest loss of money to companies today with losses projected to r…

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now