?
Solved

ISA server as reverse proxy in back to back perimeter network

Posted on 2006-07-11
3
Medium Priority
?
819 Views
Last Modified: 2013-11-16
I wan tot build an Extranet. The current configuration is as follows. I terminate a T1 connection from our ISP with a Cisco 2821 router.This connects to a Checkpoint firewall running on a Nokia IP 380. I use an LDAP server in the DMZ which is a unique Active Directory domain. The interior firewall is a Cisco PIX 515E which is attached to a Cisco 3750 Catalyst switch which connects the LAN. I presently have IPSec  site to site VPN established as well as remote access for our employees using Checpoints Secure Remote. I wish to use Checkpoints Connectra as the SSL VPN for our customers to access the Extranet. I wish to use ISA server in between the two firewalls as a reverse proxy directing traffic to the web server on our internal network. The web server will use Share Point services.
The web server is the Microsft Dynamics Business Portal 3.0. The proxy server will only be used for connection to this internal server. Will this ISA reverse proxy have to function as an additional interior firewall connected to the 3750 Catalyst switch? Or can I send the traffic from the ISA server through the PIX 515E?
Ii need some help here. I would be grateful for any comments, criticisms or suggestions. Thank you in advance.

Joe
0
Comment
Question by:boksi1950
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 750 total points
ID: 17084469
No, it won't need to be a firewall. ISA can still support publishing (reverse proxy) even with only one NIC installed. However, you do need to make use of the loopback connector.
The PIX515 will need to accept the forwarded traffic from the ISA through the ACL associated to its outside interface.

0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ISA Server detected routes through the network adapter LAN that do not correlate with the network to which this network adapter belongs What does this mean and how can one go about correcting it? In simple terms, this error message indicates t…
Common practice undertaken by most system administrators is to document the configurations and final solutions of anything performed by them for their future use and reference. So here I am going to explain how to export ISA Server 2004 Firewall pol…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question