Solved

ISA server as reverse proxy in back to back perimeter network

Posted on 2006-07-11
3
761 Views
Last Modified: 2013-11-16
I wan tot build an Extranet. The current configuration is as follows. I terminate a T1 connection from our ISP with a Cisco 2821 router.This connects to a Checkpoint firewall running on a Nokia IP 380. I use an LDAP server in the DMZ which is a unique Active Directory domain. The interior firewall is a Cisco PIX 515E which is attached to a Cisco 3750 Catalyst switch which connects the LAN. I presently have IPSec  site to site VPN established as well as remote access for our employees using Checpoints Secure Remote. I wish to use Checkpoints Connectra as the SSL VPN for our customers to access the Extranet. I wish to use ISA server in between the two firewalls as a reverse proxy directing traffic to the web server on our internal network. The web server will use Share Point services.
The web server is the Microsft Dynamics Business Portal 3.0. The proxy server will only be used for connection to this internal server. Will this ISA reverse proxy have to function as an additional interior firewall connected to the 3750 Catalyst switch? Or can I send the traffic from the ISA server through the PIX 515E?
Ii need some help here. I would be grateful for any comments, criticisms or suggestions. Thank you in advance.

Joe
0
Comment
Question by:boksi1950
3 Comments
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 250 total points
Comment Utility
No, it won't need to be a firewall. ISA can still support publishing (reverse proxy) even with only one NIC installed. However, you do need to make use of the loopback connector.
The PIX515 will need to accept the forwarded traffic from the ISA through the ACL associated to its outside interface.

0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Forefront is the brand name for Microsoft's major security product. Forefront covers a number of specific security areas and has 'swallowed' a number of applications under this umbrella including Antigen, ISA Server, the Integrated Access Gateway (t…
Microsoft's ISA Server has been its pre-eminent security product for about a decade and is still regarded amongst the well-informed as one of the best software firewalls and application gateways ever released, by any manufacturer. ISA Server has bee…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now