Solved

install ISA after firewall

Posted on 2007-03-22
20
445 Views
Last Modified: 2016-08-29
hi
i have network with this information
https://filedb.experts-exchange.com/incoming/ee-stuff/2882-network-diagram.JPG
can i install ISA after PIX 525 firewall or not (i have nat in router)
and if i can can anyone help me with that
if i can must i disable nat in router or not
i have mltiVLAN in my network
any details can help me
thanks


0
Comment
Question by:nasemabdullaa
  • 10
  • 10
20 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
Comment Utility
I will not download anything that I do not know for sure is safe to do so, sorry.

That said, PIX as the outer firewall then isa as the inner firewall is a brilliant combination. Just forward the ports required through pix to the isa external nic and then publish the services you want. For outgoing, its exactly as it says on the box.
0
 

Author Comment

by:nasemabdullaa
Comment Utility
hi
thanks keith_alabaster iam realy happy to hear from you
thanks again
this what i want to do (this is the diagram of my network)
all distribution switch and core switch is layer 3 switch
each distribution switch connect to 6 access switch
each access switch is in different VLAN from other switch

                                                           distrbution switch(1)
         i want to add ISA here              distrbution switch(2)
router-->pix-->ISA--> core switch-->distrbution switch(3)-->access switch---> PC
                       -----                              distrbution switch(4)

i want to use ISA as firewall only
this is what i do(iam install ISA) with two NIC with this information for each card
first card connect to pix information
ip address 172.16.100.2
mask 255.255.255.0
gateaway 172.16.100.1

second NIC connect to core switch information
IP 172.16.100.3
mask 255.255.255.0
and iam add all my network to ISA
172.16.2.0
172.16.3.0--------------------------172.16.14.0

>>>Just forward the ports required through pix to the isa external nic
i have 64 public IP address and now iam using from 4-42 for nat caa i do that or not
you mean must iam using static nat for NIC for ISA
now iam using this command for forward port for one bublic IP address (you mean must i use like this command) and what is about NAT in PIX?
static (inside,outside) 62.68.65.50 172.16.14.130 netmask 255.255.255.255 0 0
access-list OutsideIn permit tcp any host 62.68.65.50 eq www                                                            
access-list OutsideIn permit tcp any host 62.68.65.50 eq smtp                                                            
access-list OutsideIn permit tcp any host 62.68.65.50 eq ftp                                                            
access-list OutsideIn permit tcp any host 62.68.65.50 eq telnet                                                              
access-list OutsideIn permit tcp any host 62.68.65.50 eq 3389                                                            
access-list OutsideIn permit tcp any host 62.68.65.50 eq 69                                                          
access-list OutsideIn permit tcp any host 62.68.65.50 eq ssh

second question in my network now the IP address of core switch is 172.16.100.1 must i change it to 172.16.100.4 and change
 ip default-gateway 172.16.100.1 to 172.16.100.4 is that true
and change
ip route 0.0.0.0 0.0.0.0 172.16.100.2 to ip route 0.0.0.0 0.0.0.0 172.16.100.3 (ip address of second NIC of ISA server) is that true

last question must i cahnge configuration in PIX and core switch only and not in router (is that true)
i send to you the configuration of PIX and router and core switch

core configuration is
! interface GigabitEthernet1/1                            
 no switchport              
 ip address 172.16.100.1 255.255.255.0     (must chang to 172.16.100.4)                                
!
interface GigabitEthernet1/2                            
 switchport trunk encapsulation dot1q                                    
 switchport mode trunk                      
!
interface GigabitEthernet1/3                            
 switchport trunk encapsulation dot1q                                    
 switchport mode trunk                      
!
interface GigabitEthernet1/4                            
 description TrunkToD2_Floor7A                              
 switchport trunk encapsulation dot1q                                    
 switchport mode trunk                      
!
interface GigabitEthernet1/5                            
 description TrunkToD3_Floor3A                              
 switchport trunk encapsulation dot1q                                    
 switchport mode trunk                      

interface GigabitEth                  
 description WEB_SERVER                      
 no switchport              
 ip address 172.16.110.1 255.255.255.0                                      
!
interface GigabitEthernet2/3                            
 switchport trunk encapsulation dot1q                                    
 switchport mode trunk                      
!
interface GigabitEthernet2/4                            
 description Exchange_server                            
 no switchport              
 ip address 172.16.120.1 255.255.255.0                                      
interface Vlan1              
 no ip address              
 shutdown        
!
interface Vlan10                
 no ip address              
!
interface Vlan50                
 ip address 172.16.50.50 255.255.255.0                                      
!
router rip
 network 172.16.0.0
!
ip default-gateway 172.16.100.1 (must i cahnge this to 172.16.100.4)
ip route 0.0.0.0 0.0.0.0 172.16.100.2 (must i change this to 172.16.100.3 the IP address of second NIC of ISA)

PIX configuration is
               
     
access-list acl_out permit icmp any any                                      
access-list inside_outbound_nat0_acl permit ip any 172.16.2.96 255.255.255.240                                                                              
access-list OutsideIn permit tcp any host 62.68.65.43 eq www                                                            
access-list OutsideIn permit tcp any host 62.68.65.43 eq smtp                                                            
access-list OutsideIn permit tcp any host 62.68.65.43 eq ftp                                                            
access-list OutsideIn permit tcp any host 62.68.65.43 eq telnet                                                              
access-list OutsideIn permit tcp any host 62.68.65.43 eq 3389                                                            
access-list OutsideIn permit tcp any host 62.68.65.43 eq 69                                                          
access-list OutsideIn permit tcp any host 62.68.65.43 eq ssh                                                            
access-list OutsideIn permit tcp any host 62.68.65.50 eq www                                                            
access-list OutsideIn permit tcp any host 62.68.65.50 eq smtp                                                            
access-list OutsideIn permit tcp any host 62.68.65.50 eq ftp                                                            
access-list OutsideIn permit tcp any host 62.68.65.50 eq telnet                                                              
access-list OutsideIn permit tcp any host 62.68.65.50 eq 3389                                                            
access-list OutsideIn permit tcp any host 62.68.65.50 eq 69                                                          
access-list OutsideIn permit tcp any host 62.68.65.50 eq ssh                                                            
access-list OutsideIn permit tcp any host 62.68.65.51 eq www                                                            
access-list OutsideIn permit tcp any host 62.68.65.51 eq ftp                                                            
access-list OutsideIn permit tcp any host 62.68.65.52 eq www                                                            
access-list OutsideIn permit tcp any host 62.68.65.52 eq ftp                                                            
pager lines 24              
mtu outside 1500                
mtu inside 1500              
mtu intf2 1500              
mtu intf3 1500              
ip address outside 62.68.65.3 255.255.255.192                                            
ip address inside 172.16.100.2 255.255.255.0                                            
no ip address intf2                  
no ip address intf3                  
ip audit info action alarm                          
ip audit attack action alarm                            
no failover          
failover timeout 0:00:00                        
failover poll 15                
no failover ip addr                
no failover ip address inside                            
no failover ip address intf2                            
no failover ip address intf3                            
pdm location 172.16.2.70 255.255.255.255 inside                                              
pdm location 172.16.2.200 255.255.255.255 inside                                                
pdm location 172.16.2.0 255.255.255.0 inside                                            
pdm location 172.16.3.0 255.255.255.0 inside                                            
pdm location 172.16.4.0 255.255.255.0 inside                                            
pdm location 172.16.5.0 255.255.255.0 inside                                            
pdm location 172.16.6.0 255.255.255.0 inside                                            
pdm location 172.16.7.0 255.255.255.0 inside                                            
pdm location 172.16.8.0 255.255.255.0 inside                                            
pdm location 172.16.9.0 255.255.255.0 inside                                            
pdm location 172.16.10.0 255.255.255.0 inside                                            
pdm location 172.16.11.0 255.255.255.0 inside                                            
pdm location 172.16.12.0 255.255.255.0 inside                                            
pdm location 172.16.13.0 255.255.255.0 inside                                            
pdm location 172.16.14.0 255.255.255.0 inside                                            
pdm location 172.16.20.0 255.255.255.0 inside                                            
pdm location 172.16.30.0 255.255.255.0 inside                                            
pdm location 172.16.40.0 255.255.255.0 inside                                            
pdm location 172.16.50.0 255.255.255.0 inside                                            
pdm location 172.16.110.2 255.255.255.255 inside                                                
pdm location 172.16.120.2 255.255.255.255 inside                                                
pdm location 62.68.65.43 255.255.255.255 outside                                                
pdm location 62.68.65.44 255.255.255.255 outside                                                
pdm location 172.16.2.96 255.255.255.240 outside                                                
pdm history enable                  
arp timeout 14400                
global (outside) 1 62.68.65.4-62.68.65.42                                        
global (outside) 1 62.68.65.60                              
nat (inside) 0 access-list inside_outbound_nat0_acl                                                  
nat (inside) 1 172.16.2.0 255.255.255.0 0 0                                          
nat (inside) 1 172.16.3.0 255.255.255.0 0 0                                          
nat (inside) 1 172.16.4.0 255.255.255.0 0 0                                          
nat (inside) 1 172.16.5.0 25                          
nat (inside) 1 172.16.6.0 255.255.255.0 0 0                                          
nat (inside) 1 172.16.7.0 255.255.255.0 0 0                                          
nat (inside) 1 172.16.8.0 255.255.255.0 0 0                                          
nat (inside) 1 172.16.9.0 255.255.255.0 0 0                                          
nat (inside) 1 172.16.10.0 255.255.255.0 0 0                                            
nat (inside) 1 172.16.11.0 255.255.255.0 0 0                                            
nat (inside) 1 172.16.12.0 255.255.255.0 0 0                                            
nat (inside) 1 172.16.13.0 255.255.255.0 0 0                                            
nat (inside) 1 172.16.14.0 255.255.255.0 0 0                                            
nat (inside) 1 172.16.20.0 255.255.255.0 0 0                                            
nat (inside) 1 172.16.30.0 255.255.255.0 0 0                                            
nat (inside) 1 172.16.40.0                          
nat (inside) 1 172.16.100.0 255.255.255.0 0 0                                            
static (inside,outside) 62.68.65.43 172.16.110.2 netmask 255.255.255.255 0 0                                                                            
static (outside,inside) 172.16.110.2 62.68.65.43 netmask 255.255.255.255 0 0                                                                            
static (inside,outside) 62.68.65.44 172.16.120.2 netmask 255.255.255.255 0 0                                                                            
static (outside,inside) 172.16.120.2 62.68.65.44 netmask 255.255.255.255 0 0                                                                            
static (inside,outside) 62.68.65.50 172.16.14.130 netmask 255.255.255.255 0 0                                                                            
static (inside,outside) 62.68.65.51 172.16.2.7 netmask 255.255.255.255 0 0                                                                          
static (inside,outside) 62.68.65.52 172.16.2.6 netmask 255.255.255.255 0 0                                                                          
access-group OutsideIn in interface outside                                          
conduit permit icmp any any                          
conduit permit tcp host 62.68.65.43 eq www any                                              
conduit permit tcp host 62.68.65.44 eq www any                                              
conduit permit tcp host 62.68.65.44 eq pop3 any                                              
conduit permit tcp host 62.68.65.44 eq imap4 any                                                
conduit permit tcp host 62.68.65.44 eq smtp any                                              
rip inside passive version 1                            
route outside 0.0.0.0 0.0.0.0 62.68.65.1 1                                          
timeout xlate 3:00:00                    
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00                                                                            
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00                                                              
timeout sip-disconnect 0:02:00 sip-invite 0:03:00                                                
timeout uauth 0:05:00 absolute                              
aaa-server TACACS+ protocol tacacs+                                  
aaa-server TACACS+ max-failed-attempts 3                                        
aaa-server TACACS+ deadtime 10                              
aaa-server RADIUS protocol radius                                
aaa-server RADIUS max-failed-attempts 3                                      
aaa-server RADIUS deadtime 10                            
aaa-server LOCAL protocol local                              
http server enable                  
http 172.16.2.70 255.255.255.255                              
http 172.16.2.200 255.255.255.255 inside
http 172.16.130.2 255.255.255.255 inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
sysopt connection permit-pptp
telnet 172.16.100.0 255.255.255.0 inside
telnet 172.16.50.0 255.255.255.0 inside
telnet timeout 5
ssh timeout 5
console timeout 0
vpdn username nasem password *********
dhcpd address 172.16.100.50-172.16.100.225 inside
dhcpd dns 172.16.2.5
dhcpd lease 6000
dhcpd ping_timeout 750
dhcpd auto_config outside
dhcpd enable inside
terminal width 80

router configuration is
       
!
interface GigabitEthernet0/1                            
 ip address 192.168.0.1 255.255.255.0                                    
 duplex auto            
 speed auto          
!
interface Serial0/0/0                    
 ip address 172.16.197.2 255.255.255.0                                      
 no ip route-cache cef                      
 no ip route-cache                  
 no ip mroute-cache                  
 load-interval 30                
 no keepalive            
 no fair-queue              
 ignore dcd          
 no cdp enable              
!
interface Content-Engine1/0                          
 ip unnumbered GigabitEthernet0/0                                
 service-module ip address 62.68.65.2 255.255.255.192                                                    
 service-module ip default-gateway 62.68.65.1                                            
!
ip default-gateway 172.16.197.2                              
ip classless            
ip route 0.0.0.0 0.0.0.0 172.16.197.1                                    
ip route 62.68.65.2 255.255.255.255 Content-Engine1/0                                                    

thanks for your help
0
 

Author Comment

by:nasemabdullaa
Comment Utility
hi again
sorry i forget this for router configuration

interface GigabitEthernet0/0                            
 description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$                                                      
 ip address 62.68.65.1 255.255.255.192                                      
 ip wccp web-cache redirect out                              
 duplex auto            
 speed auto          
!
interface GigabitEthernet0/1                            
 ip address 192.168.0.1 255.255.255.0                                    
 duplex auto            
 speed auto          
!
interface Serial0/0/0                    
 ip address 172.16.197.2 255.255.255.0                                      
 no ip route-cache cef                      
 no ip route-cache                  
 no ip mroute-cache                  
 load-interval 30                
 no keepalive            
 no fair-queue              
 ignore dcd          
 no cdp enable              
!
interface Content-Engine1/0                          
 ip unnumbered GigabitEthernet0/0                                
 service-module ip address 62.68.65.2 255.255.255.192                                                    
 service-module ip default-gateway 62.68.65.1                                            
!
ip default-gateway 172.16.197.2                              
ip classless            
ip route 0.0.0.0 0.0.0.0 172.16.197.1                                    
ip route 62.68.65.2 255.255.255.255 Content-Engine1/0                                                    

thaks
0
 

Author Comment

by:nasemabdullaa
Comment Utility
hi
can anyone help me please
this is what i do exactly

X.X.X.X= public IP of router
X1.X1.X1.X1= public IP of outside of pix

                              X.X.X.X  (my public IP address) ( I have 64 public IP address)    
                                                                :
                                                             router
                                                                 :
                                               IP address   X1.X1.X1.X1(PIX outside)
                                             IP address  172.16.100.2 (PIX inside )
                                                                 :
                       IP address (outside interface connect to PIX) 172.16.100.3 (ISA server)
                                                                  :
                   IP address (inside interface connect to core switch) 172.16.100.4(ISA server)
                                                                  :
                                    Core switch ( layer3 switch)IP address  172.16.100.2



and i made this change of configuration is PIX to foword port to IP address 172.16.100.3

static (inside,outside) X.X.X.X 172.16.100.3 netmask 255.255.255.255 0 0
access-list OutsideIn permit tcp any host X.X.X.X eq www                                                            
access-list OutsideIn permit tcp any host X.X.X.X eq smtp                                                            
access-list OutsideIn permit tcp any host X.X.X.X eq ftp                                                            
access-list OutsideIn permit tcp any host X.X.X.X eq telnet                                                              
access-list OutsideIn permit tcp any host X.X.X.X eq 3389                                                            
access-list OutsideIn permit tcp any host X.X.X.X eq 69                                                          
access-list OutsideIn permit tcp any host X.X.X.X eq ssh  
access-group OutsideIn in interface outside

and in core switch i made this change in configuration
ip route 0.0.0.0 0.0.0.0 172.16.100.2 ------------->>(must i change this to 172.16.100.4 the inside  IP address of NIC of ISA)

i di that but the internet not work (i do not know what is the problem)
any suggestion can help me

thanks


0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 500 total points
Comment Utility
Don't normally do these things at a weekend but you sound a little desperate....

You cannot have the same subnet both internal and external on ISA server.
<<<IP address (outside interface connect to PIX) 172.16.100.3 (ISA server), IP address (inside interface connect to core switch) 172.16.100.4(ISA server) >>>

open the ISA gui, select configuration - networks - internal - properties - addresses.
This is the internal LAT (local address table). This MUST include all ip addresses (subnets) that are addressable through the INTERNAL network card; in you case this MUST include 172.16.100.0 - 172.16.100.255. Therefore you CANNOT have 172.16.100.3 on the external interface. The ISA external nic --> pix internal interface must be on a subnet that is NOT in the ISA LAT. ie put 192.168.110.1 on the pix internal nic and 192.168.110.2 on the ISA external nic - default gateway only on the ISA external nic pointing to 192.168.110.1

0
 
LVL 51

Expert Comment

by:Keith Alabaster
Comment Utility
so
                              a.a.a.a
                               router --- > PIX ext nic  x1.x1.x1.x1
                                                                           |
                                                                           |
                                                 PIX int nic    192.168.110.1
                                                                           |
                                                 ISA ext nic    192.168.110.2  
                                                                           |
                                                 ISA int nic      172.16.100.4

I'll assume you have used a 255.255.255.0 subnet mask so set ISA internal LAT to include:
172.30.100.0 - 172.16.100.255
repeat entries for EVERY subnet you have that will enter ISA through the the INTERNAL nic.

ANYTHING that is not listed in the internal LAT is treated as being available through the EXTERNAL nic.
Hope this helps a little

Keith


                                                                           
0
 

Author Comment

by:nasemabdullaa
Comment Utility
hi keith_alabaster
thanks for your reply
i use these command in core switch
and in core switch i made this  configuration (now)(old configuration)
ip route 0.0.0.0 0.0.0.0 172.16.100.2  (  to routed to pix must now i change the defualt route from pix to internal NIC for ISA ) is that true
i mean must i change ip defulat route in core switch
ip route 0.0.0.0 0.0.0.0 172.16.100.2 ------------->>(must i change this to 172.16.100.4 the inside  IP address of NIC of ISA)

thanks


0
 
LVL 51

Expert Comment

by:Keith Alabaster
Comment Utility
Yes. all the traffic must go through to the ISA internal NIC address. This send out to its default which is the PIX internal address which in turn send to the external router internal address.
0
 

Author Comment

by:nasemabdullaa
Comment Utility
hi
thanks keith_alabaster for all your reply
i do all above and iam add this network to ISA network
172.16.2.0
172.16.3.0...........................172.16.14.0   (i have i4 VLAN) in my network

and this is configuration of iSA NIC
outside NIC
IP address 10.100.100.2
mask 255.255.255.0
gateaway 10.100.100.1

inside NIC
IP address 172.16.100.4
mask 255.255.255.0  (mask of internal network is 255.255.255.0 not 255.255.0.0)

and iam foword from core to internal NIC of ISA using this command
ip route 0.0.0.0 0.0.0.0 10.100.100.2

but i want to say (in my network i have routing in core switch and distrbution switch can ISA work with that)

this is all my network digram
X.X.X.X= public IP of router
X1.X1.X1.X1= public IP of outside of pix

                              X.X.X.X  (my public IP address) ( I have 64 public IP address)    
                                                                :
                                                             router
                                                                 :
                                               IP address   X1.X1.X1.X1(PIX outside)
                                             IP address  10.100.100.1 (PIX inside )
                                                                 :
                       IP address (outside interface connect to PIX) 10.100.100.2 (ISA server)
                                                                  :
                   IP address (inside interface connect to core switch) 172.16.100.4(ISA server)
                                                                  :
                                    Core switch ( layer3 switch)IP address  172.16.100.2
                        :                            :                                                   :                             :
distribution switch (layer3)   distribution switch         distribution switch           distribution switch
          :                                               :                                       :                                        :
   access switch  (4)              access switch (4)        access switch  (4)           access switch (4)


all distribution switch is layer 3 switch

i do all that but its not work
 
can you help me

thanks
0
 

Author Comment

by:nasemabdullaa
Comment Utility
hi
sorry i forget
must i add network of core switch in ISA or not 172.16.100.0
can ISA work with 14 VLAN or not

thanks
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 
LVL 51

Expert Comment

by:Keith Alabaster
Comment Utility
I don't understand your question.

ISA must have ALL the internal subnets/vlans added if they are inside the ISA server.
If you have used a 255.255.0.0 subnet mask then ISA would have 172.16.0.0 - 172.16.255.255 in the lat.

If you have used a 255.255.255.0 subnet mask then you must add each individually to the LAT.
172.16.0.0 - 172.30.0.255
172.16.1.0 - 172.16.1.255
172.16.100.0 - 172.16.100.255
etc etc
for each subnet vlan that is used inside the ISA.

On the ISA server, you should have a rule for allow all outbounf protocols from local & internal host to external
the ISA internet explorer settings should point to the isa internal ip on port 8080.
The internal isa card should have its dns settings pointing to the internal dns server
From isa, can you now get to the internet?
0
 

Author Comment

by:nasemabdullaa
Comment Utility
hi   keith_alabaster
thanks for your reply

>>>On the ISA server, you should have a rule for allow all outbounf protocols from local & internal host to external
i do that

>>>the ISA internet explorer settings should point to the isa internal ip on port 8080.
can you explain more about this

>>>The internal isa card should have its dns settings pointing to the internal dns server
i have DNS internal dns 172.16.2.5 and 172.16.2.7 and external dns 62.68.95.11 and 62.68.64.11 iam add all these dns in internal ISA NIC

NIC of ISA setting is
ip address  172.16.100.4
mask           255.255.255.0
dns1            172.16.2.5
dns2            172.26.2.7
dns3            62.68.95.11
dns4            62.68.64.11

external NIC of ISA
ip address 10.100.100.2
mask 255.0.0.0
gateaway  10.100.100.1

the internet not work

thanks

0
 
LVL 51

Expert Comment

by:Keith Alabaster
Comment Utility
I can assist you with technical issues but I cannot teach you an entire product  by this process.

remove dns3 & dns4. ISA should have its dns pointing to your internal dns servers only, not the ISP's or other external dns. Your internal DNS servers should have entries in their forwarders tab that point to the isp's dns servers (they resolve external DNS for the ISA server).

>>>the ISA internet explorer settings should point to the isa internal ip on port 8080.
can you explain more about this
The ISA internet explorer proxy settings should be set to use the isa internal ip on port 8080 (this is the default port number used by ISA to accept web proxy traffic. Please check that your outbound internet rule includes:
allow all protocols from internal & local host to external all users.

If you cannot get to the Internet from ISA, then you certainly will not get out from any internal machines.





0
 

Author Comment

by:nasemabdullaa
Comment Utility
hi
thanks for your reply
must i use proxy settings for all computer in my network or i use it in server only

thanks
0
 
LVL 51

Expert Comment

by:Keith Alabaster
Comment Utility
All computers that will access the internet through the web browser require it.

Any traffic that will use non-proxy traffic out to the internet must be routed to the ISA internal nic.
0
 

Author Comment

by:nasemabdullaa
Comment Utility
hi keith_alabaster
thanks
iam very happy its working now (you are more than genius if i can gave you more than 500 point i give it now)
iam grateful to you
thanks for you to gave me the long time for my question and to work at the weekend
thanks
0
 
LVL 51

Expert Comment

by:Keith Alabaster
Comment Utility
You are most welcome.

Regards

Keith
0
 
LVL 51

Expert Comment

by:Keith Alabaster
Comment Utility
As an aside, I am going to edit the question so there is one Accept rather than many assists.
0
 

Author Comment

by:nasemabdullaa
Comment Utility
hi
thanks
0
 
LVL 51

Expert Comment

by:Keith Alabaster
Comment Utility
:)
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

I have been asked to explain on many, many occasions the correct way to setup network cards and DNS settings on ISA Server 2004, 2006 and forefront Threat management gateway (FTMG) and have willing done so. I have also promised my self everytime tha…
Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now