Solved

Do we need RRAS to enable Routing on ISA 2006 machine for MultiNIC Config?

Posted on 2009-04-11
6
265 Views
Last Modified: 2013-11-16
Hi,

I am installing ISA 2006 Enterprise Edition on a server. I plan to install COnfiguration Storage Server and ISA Services on the same server . (Is it ok to go?)

I have two NICs on it.

NIC1 10.0.8.x          NAt to a Public IP
NIC2  10.0.25.x       Local LAN

Now one of my friends said that I need to install RRAS in order to enable routing on this.

For now I have not installed ISA or CSS on this server.

It's a windows 2003 SP2 server not yet joined to the domain.

Kindly help me in installing ISA EE correctly please.

Regards.
0
Comment
Question by:Amir4u
  • 4
  • 2
6 Comments
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 500 total points
ID: 24124817
your last sentence is similar to 'Kindly help me carry out brain surgery - via email'.
However, to answer your question, no - you do need to install RRAS separately.
Also, ISA uses the routing provided by the ISA host operating system.
0
 

Author Comment

by:Amir4u
ID: 24124927
Thanx keith for the answer ....

is it possible to ask another question ? regarding how to put DNS in public NIC and Local NIC ? i.e. ISP DNS in Public NIC + Local DNS or just ISP DNS

Also on PRivate NIC - Just Local DNS or no DNS

I will be thankful for this favor ...

Regards.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 24124989
other way round. the internal dns server ip address should be on both the ISA internal AND external nic. The ISP DNS should NOT be placed on ISA Server. The ISP dns server ip addresses should be in the forwarder tab of the internal dns servers.

to put it more clearly, no internal server or workstation should include the ISP dns server ip addresses in their NIC tcpip settings. The ISP dns server addresses should ONLY be in the forwarder tab of the internal dns servers inside the DNS service mmc snapin.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 24124994
just remember to add an access rule for DNS from internal to external
0
 

Author Comment

by:Amir4u
ID: 24125393
thanx,
you wold be amazed to know(or may be not) that our local  DNS server does not forward any request to our ISP DNS. It only resolves locally.

Our exchange server  has local IP which is NAT ed and on it's NIC the ISP DNS address is given.

Our current ISA2000 is working the same way. it is configured with local IP which is NAT ed and it's both DNS are ISP DNS

SO now I am configuring my Edge FIrewall ISA 2006 EE with Multi NIC  I also have a local IP on PUBLIC NIC which is NAT ed  and so shud I not put both DNS as ISP DNS there and for the PRIVATE NIC which has a local IP also from another subnet the local DNS IP?

I hope i didn't make a mess of this explanation..
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 24125929
No - i have explained where it should go already. Put the ISP dns on ISA and you will have trouble. If you want to do it differently then that is your call if you want to ignore best-practice.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

There are three types of ISA client that can be configured - these can be individual clients or multiples of a client on each PC or server SecureNAT. A SecureNAT client for ISA server is a client machine, work station or server, that has its defa…
If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question