Solved

Do we need RRAS to enable Routing on ISA 2006 machine for MultiNIC Config?

Posted on 2009-04-11
6
257 Views
Last Modified: 2013-11-16
Hi,

I am installing ISA 2006 Enterprise Edition on a server. I plan to install COnfiguration Storage Server and ISA Services on the same server . (Is it ok to go?)

I have two NICs on it.

NIC1 10.0.8.x          NAt to a Public IP
NIC2  10.0.25.x       Local LAN

Now one of my friends said that I need to install RRAS in order to enable routing on this.

For now I have not installed ISA or CSS on this server.

It's a windows 2003 SP2 server not yet joined to the domain.

Kindly help me in installing ISA EE correctly please.

Regards.
0
Comment
Question by:Amir4u
  • 4
  • 2
6 Comments
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 500 total points
ID: 24124817
your last sentence is similar to 'Kindly help me carry out brain surgery - via email'.
However, to answer your question, no - you do need to install RRAS separately.
Also, ISA uses the routing provided by the ISA host operating system.
0
 

Author Comment

by:Amir4u
ID: 24124927
Thanx keith for the answer ....

is it possible to ask another question ? regarding how to put DNS in public NIC and Local NIC ? i.e. ISP DNS in Public NIC + Local DNS or just ISP DNS

Also on PRivate NIC - Just Local DNS or no DNS

I will be thankful for this favor ...

Regards.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 24124989
other way round. the internal dns server ip address should be on both the ISA internal AND external nic. The ISP DNS should NOT be placed on ISA Server. The ISP dns server ip addresses should be in the forwarder tab of the internal dns servers.

to put it more clearly, no internal server or workstation should include the ISP dns server ip addresses in their NIC tcpip settings. The ISP dns server addresses should ONLY be in the forwarder tab of the internal dns servers inside the DNS service mmc snapin.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 24124994
just remember to add an access rule for DNS from internal to external
0
 

Author Comment

by:Amir4u
ID: 24125393
thanx,
you wold be amazed to know(or may be not) that our local  DNS server does not forward any request to our ISP DNS. It only resolves locally.

Our exchange server  has local IP which is NAT ed and on it's NIC the ISP DNS address is given.

Our current ISA2000 is working the same way. it is configured with local IP which is NAT ed and it's both DNS are ISP DNS

SO now I am configuring my Edge FIrewall ISA 2006 EE with Multi NIC  I also have a local IP on PUBLIC NIC which is NAT ed  and so shud I not put both DNS as ISP DNS there and for the PRIVATE NIC which has a local IP also from another subnet the local DNS IP?

I hope i didn't make a mess of this explanation..
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 24125929
No - i have explained where it should go already. Put the ISP dns on ISA and you will have trouble. If you want to do it differently then that is your call if you want to ignore best-practice.
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ISA Server detected routes through the network adapter LAN that do not correlate with the network to which this network adapter belongs What does this mean and how can one go about correcting it? In simple terms, this error message indicates t…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now