[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

ISA2006 - controlling what IP address is used for outbound communications?

Posted on 2009-02-09
6
Medium Priority
?
460 Views
Last Modified: 2013-11-16
I have a multi homed ISA2006 in a small network as the edge firewall.  There are 5 routable public IPs attached (75.1.2.101 - 105) to the external NIC,  and 1 IP (192.168.0.1) on the interenal NIC with the LAN and clinets/servers behind the internal NIC (192.168.0.n). addressing scheme.
I need to get an internal server on 192.168.0.2 (behind the isa server)  to communicate with an external network over a specified IP address  on the isa server's external NIC for example 75.1.2.10.105.

Q. Is there a way to force a connection to the external network that uses a speciified IP address from the 5 externally bound addresses on the ISA server ?
0
Comment
Question by:martinmcginley
  • 4
  • 2
6 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 23592760
No - not supported Martin - the outbound NAT will always use the first ip listed
0
 

Author Comment

by:martinmcginley
ID: 23592770
ok - just to verify whatever of the 5 ips is listed first is the ip used as the outbound ip - right ?
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 2000 total points
ID: 23592806
That is the way it is written, yes. On certain boxes, this shows itself as the ip that is actually bound to the nic being the one that is always used. ie the machine, for some reason, differentiates between the actually bound ip address and the (in your case) four additional addresses which are just arp addresses.
0
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 23592815
Bottom line, you cannot create rules that allow http to go out one address and smtp to go out on another address, for example.
0
 

Author Closing Comment

by:martinmcginley
ID: 31544520
thanks - i got it
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 23593714
:)
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have been asked to explain on many, many occasions the correct way to setup network cards and DNS settings on ISA Server 2004, 2006 and forefront Threat management gateway (FTMG) and have willing done so. I have also promised my self everytime tha…
So the following errors occurs in 2 ways that I am aware of at this stage, and you receive one of the following error messages: ERROR 1. When trying to save a rule: No Web listener is specified for the Web publishing rule Autodiscovery Publishin…
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question