?
Solved

Mixing ISA2004 and Linksys WRT54G Wireless Routers?

Posted on 2008-06-12
4
Medium Priority
?
595 Views
Last Modified: 2008-06-15
I want to set up a site-to-site VPN from someone's home to their office.  At their home, they do NOT have a static ip address and I've given up trying to make ISA2004 get a DHCP-provided address from the Cable Modem.  (I'm not even interested in trying that any more.)

So here's what I want to do (in the home):

CableModem
   |
Linksys Router Internet Port (DHCP-provided address from cable company)
(Linksys Router Wireless Disabled, DHCP Server Disabled)
Linksys Router Ethernet Port, Static Address, 192.168.3.1
   |
ISA2004 Server (on Windows 2000 Server), Outside Nic, Static Address, 192.168.3.10
ISA2004 Server (on Windows 2000 Server), Inside Nic, Static Address, 192.168.4.10
   |
Linksys Router Internet Port, Static Address, 192.168.4.1
Linksys Router Wireless&Ethernet clients, DHCP address given out to clients, 192.168.2.x
   |   |   |   |   |
client computers (in the home)

My problem is this link:
ISA2004 Server (on Windows 2000 Server), Inside Nic, Static Address, 192.168.4.10
   |
Linksys Router Internet Port, Static Address, 192.168.4.1

***   Do I need a crossover cable for this link?   ***

Right now, they are not talking to each other over that connection.

(I just happen to have 2 wireless routers, not using the wireless on the "outside" router.)
0
Comment
Question by:gateguard
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 11

Expert Comment

by:EricTViking
ID: 21773878
Here's my suggestion (inline within asterisks)....

CableModem
   |
Linksys Router Internet Port (DHCP-provided address from cable company)
(Linksys Router Wireless Disabled, DHCP Server Disabled)
Linksys Router Ethernet Port, Static Address, 192.168.3.1
*******************************************************************
**********Setup DMZ on linksys to forward all traffic to 192.168.3.10***********
*******************************************************************
   |
ISA2004 Server (on Windows 2000 Server), Outside Nic, Static Address, 192.168.3.10
ISA2004 Server (on Windows 2000 Server), Inside Nic, Static Address, 192.168.4.10
*************************************************************************
**********Bin the internal Linksys and use ISA as a NAT router on the inside***********
**********        Also configure Server 2000 as DHCP and DNS server             ***********
*************************************************************************
client computers (in the home)


Hope that makes sense?
0
 

Author Comment

by:gateguard
ID: 21773956
But I want a wireless router on the inside network.

Let me ask you this, do you think the Internet Port of a Linksys Wireless Router and a Nic card on a PC must be connected with a crossover cable?
0
 
LVL 11

Accepted Solution

by:
EricTViking earned 2000 total points
ID: 21774013
Sorry I missed the WiFi point ;-)

I don't know whether you would need a crossover - my guess would be not, but the easiest way to find out would be to try one. Alternatively try connecting the router internet port and the ISA internal nic via a switch or hub if you have one spare. If it starts working via a switch then you will need a crossover.

However why not connect the LAN side of the WiFi router to the internal NIC of the ISA server, use the server to provide DHCP and DNS and then use the internal router to give you WiFi connectivity.

At the moment your solution has 3 routers in series - which is a whole lot of NAT making VPN anything difficult. If you have the external router set as a DMZ throwing everything at the external NIC os ISA server, and use ISA server as a NAT router with the internal WiFi connected via it's LAN port you will have a single router to configure instead of three.
0
 

Author Comment

by:gateguard
ID: 21774149
You bring up some interesting points.  I'm going to take a look at that.

This whole thing brings me back to the one point I gave up on, getting the external nic card on the isa 2004 server to get a dhcp-provided address from the cable modem.  If only it could do that.  If only.

0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In all versions of ISA Server and the current version of FTMG, the default https protocol uses TCP port 443 and 563 only. This cannot be changed within the ISA or FTMG GUI and must be completed from a Windows cmd prompt on the ISA Server itself. …
Forefront Threat Management Gateway 2010 or FTMG comes with some very neat troubleshooting tools built-in when trying to identify what is actually happening behind the scenes within the product when traffic is passing through its interfaces. To the …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question