Solved

Perimeter network access to internal network in a Back firewall configuration (ISA 2006)

Posted on 2008-10-07
5
676 Views
Last Modified: 2008-11-17
Hello,

I have a server in the perimeter network that requires access to the internal network.  Temporarily I want all traffic from this server to the internal network permitted.  I have setup a firewall rule to allow this, but it doesnt seem to work.  I have setup logging and access is denied to the internal network by the default deny rule.  

Do I need to setup any additional Network rules, other then the default rules?
0
Comment
Question by:AC_Nova
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 11

Expert Comment

by:EricTViking
ID: 22664416
The sort of rule you probably need is allow all outbound traffic, from server in perimeter network, to internal for all users. That should be the only rule you need.
0
 
LVL 5

Author Comment

by:AC_Nova
ID: 22666870
Thats what I have, but its not working.
0
 
LVL 11

Expert Comment

by:EricTViking
ID: 22694654
Could you describe the topology of your network in a bit more detail? What networks do you have and what are their IP ranges? And where abouts on the network are your servers?
0
 
LVL 5

Author Comment

by:AC_Nova
ID: 22700745
ISA
Ethernet adapter External:
   IP Address. . . . . . . . . . . . : 10.58.9.5
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.58.9.1
Ethernet adapter Internal:
   IP Address. . . . . . . . . . . . : 10.59.69.1
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . : 10.59.57.46
                                       10.59.57.47

server that I wish to access in the dmz
10.59.9.7
255.255.255.0
10.59.9.1

10.58.9.1 is a hardware firewall.

dns servers are internal:

10.59.57.46
 10.59.57.47

0
 
LVL 5

Accepted Solution

by:
AC_Nova earned 0 total points
ID: 22701826
Dont worry I've sorted it.  It was a network route combined with a host add on the cisco kit.

cheers
0

Featured Post

Enroll in June's Course of the Month

June's Course of the Month is now available! Every 10 seconds, a consumer gets hit with ransomware. Refresh your knowledge of ransomware best practices by enrolling in this month's complimentary course for Premium Members, Team Accounts, and Qualified Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are three types of ISA client that can be configured - these can be individual clients or multiples of a client on each PC or server SecureNAT. A SecureNAT client for ISA server is a client machine, work station or server, that has its defa…
Microsoft's ISA Server has been its pre-eminent security product for about a decade and is still regarded amongst the well-informed as one of the best software firewalls and application gateways ever released, by any manufacturer. ISA Server has bee…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question