ISA between VLAN's

Hello guys,
I have a weird problem with a certain software (Bloomberg), Bloomberg needs internet connection to pass through, certain ports has to be opened, all of that seems normal, when i try to connect through ISA it never connects and it keeps looking hopelessly for connection.... I have 2 Vlans as follows:

192.168.1.x (lets call it Vlan 1)
192.168.2.x (lets call it Vlan 2)

Isa has 3 NIC's, one connected to Vlan 1, second connected to Vlan 2, Third NIC is for Intra-Array communication...

The Cisco Firewall (my gateway) and all servers (DC's, application servers, exchange, etc..) are connected to Vlan 1
all users are connected to Vlan 2

ISA has an access rule that allows network traffic from internal to External for that user am logging in with, i can access internet freely with no restrictions at all, except this software.....the software requirements is that i should be able to reach some servers like pdir.bloomberg.net, i can't even ping those addresses from Vlan 2 and actually i cannot ping any other name or IP in internet, can resolve names though, i used firewall client and it didn't work too...

Where does the problem occur ?
Why when i tried this software on a pc on VLAN 1 it connected without problems at all ( i had the cisco's IP as my gateway and didnt go through ISA server) ?
Is it ISA or routing between VLAN's?
Shouldn't the ISA pass the traffic from VLAN 2 to VlAN 1 where my gateway is ?

Please assist me with that critical problem since business is depending on that Bloomberg software.
AMFOPAsked:
Who is Participating?
 
AMFOPConnect With a Mentor Author Commented:
Ok guys i figured out where the problem was, the software can use a socks5 proxy server and since the ISA 2006 doesn't by default support socks5, i had to google for something and i found that socks5 3rd party tool for ISA 2004/2006:

http://www.securesocks5.com/download.aspx#unregistered_restrictions

Once installed it the Bloomberg software connected directly :))

thanks for your responses guys.
0
 
btassureCommented:
If the ISA server is not doing NAT (and it probably shouldn't be) you will need a route statement in the firewall that points to the second VLAN's subnet via the ISA.
something along the lines of
192.168.2.0 255.255.255.0 {ip of ISA}
My guess is that you can browse OK as ISA will be acting as a proxy server at the moment and is trying to route the rest of the traffic but there is no return route.
0
 
PugglewuggleCommented:
That sounds right to me. The only other consideration is that you have some sort of firewall filter on VLAN 2 that's restricting packet flow on certain protocols (you did say DNS lookup works).
Cheers! Let us know!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.