Solved

ZyWall 5 and ISA server

Posted on 2009-04-01
1
493 Views
Last Modified: 2012-05-06
Hi All,

I want to add a ISA server to our network to control my users access to the internet and to secure our network against intruders.
That is working ok.

The tricky part is that we also have some remote offices which connect to the main office through IPSec VPN.

Today we have a ZyWall 35 in the main office and a ZyWall 5 in the branch offices. The ZyWall 5 is then establishing the IPSec VPN connection to the ZyWall 35.

All our LAN users in the main office is behind the ZyWall 35, and using this as the gateway.

We want to change the gateway for our office users to the ISA server, and still be able to connect to the users behind the VPN in the branch office.

How can we transform our current network setup into a working setup using a ISA in main office and the ZyWall 5 in branch offices as VPN Clients and if necessary the ZyWall 35 in main office?

Today working network:
Main office:
LAN Network: 192.168.1.0/255.255.240.0
ZyWall 35 LAN IP: 192.168.1.1
ZyWall 35 WAN IP: 80.x.x.20

Branch Office:
LAN Network: 192.168.51.0/255.255.240.0
ZyWall 5 LAN IP: 192.168.51.1

I hope I make myself clear, and your are able to give me a solution. If I am unclear in some parts please ask me for more information.
0
Comment
Question by:munchiman
1 Comment
 

Accepted Solution

by:
munchiman earned 0 total points
ID: 24057177
Hi All,

I have found out of some things on my own:

- According to Zyxel support it is not possible to connect a ZyWall to a ISA Server VPN.
- It is not possible either to have a ZyWall behind the ISA, operating in Router or bridge mode, the ZyWall need to have its own link to the internet.

We solved the issue by adding the ZyWall to the internet too, give it an externally IP address, and then add some route tables to the ISA server to route all VPN-traffic correct. (since all equipment has the ISA server as primary gateway)
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
AnyConnect 3 76
Site-to-Site VPN Cisco ASA 5505 to Cisco RV320 4 148
Sudden loss of remote desktop connectivity via VPN 11 66
How to setup 3 isps on a redundant mode? 3 30
There are several problems reported according slow link speeds or poor performance in TMG 2010, UAG 2010 or ISA 2006. I want to collect here some of the common issues together to give a brief overview what can be the reason. Nevertheless, not all of…
I've written this article to illustrate how we can implement a Dynamic Multipoint VPN (DMVPN) with both hub and spokes having a dynamically assigned non-broadcast multiple-access (NBMA) network IP (public IP). Here is the basic setup of DMVPN Pha…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question