Solved

Do we need RRAS to enable Routing on ISA 2006 machine for MultiNIC Config?

Posted on 2009-04-11
6
237 Views
Last Modified: 2013-11-16
Hi,

I am installing ISA 2006 Enterprise Edition on a server. I plan to install COnfiguration Storage Server and ISA Services on the same server . (Is it ok to go?)

I have two NICs on it.

NIC1 10.0.8.x          NAt to a Public IP
NIC2  10.0.25.x       Local LAN

Now one of my friends said that I need to install RRAS in order to enable routing on this.

For now I have not installed ISA or CSS on this server.

It's a windows 2003 SP2 server not yet joined to the domain.

Kindly help me in installing ISA EE correctly please.

Regards.
0
Comment
Question by:Amir4u
  • 4
  • 2
6 Comments
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 500 total points
Comment Utility
your last sentence is similar to 'Kindly help me carry out brain surgery - via email'.
However, to answer your question, no - you do need to install RRAS separately.
Also, ISA uses the routing provided by the ISA host operating system.
0
 

Author Comment

by:Amir4u
Comment Utility
Thanx keith for the answer ....

is it possible to ask another question ? regarding how to put DNS in public NIC and Local NIC ? i.e. ISP DNS in Public NIC + Local DNS or just ISP DNS

Also on PRivate NIC - Just Local DNS or no DNS

I will be thankful for this favor ...

Regards.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
Comment Utility
other way round. the internal dns server ip address should be on both the ISA internal AND external nic. The ISP DNS should NOT be placed on ISA Server. The ISP dns server ip addresses should be in the forwarder tab of the internal dns servers.

to put it more clearly, no internal server or workstation should include the ISP dns server ip addresses in their NIC tcpip settings. The ISP dns server addresses should ONLY be in the forwarder tab of the internal dns servers inside the DNS service mmc snapin.
0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 
LVL 51

Expert Comment

by:Keith Alabaster
Comment Utility
just remember to add an access rule for DNS from internal to external
0
 

Author Comment

by:Amir4u
Comment Utility
thanx,
you wold be amazed to know(or may be not) that our local  DNS server does not forward any request to our ISP DNS. It only resolves locally.

Our exchange server  has local IP which is NAT ed and on it's NIC the ISP DNS address is given.

Our current ISA2000 is working the same way. it is configured with local IP which is NAT ed and it's both DNS are ISP DNS

SO now I am configuring my Edge FIrewall ISA 2006 EE with Multi NIC  I also have a local IP on PUBLIC NIC which is NAT ed  and so shud I not put both DNS as ISP DNS there and for the PRIVATE NIC which has a local IP also from another subnet the local DNS IP?

I hope i didn't make a mess of this explanation..
0
 
LVL 51

Expert Comment

by:Keith Alabaster
Comment Utility
No - i have explained where it should go already. Put the ISP dns on ISA and you will have trouble. If you want to do it differently then that is your call if you want to ignore best-practice.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

Forefront is the brand name for Microsoft's major security product. Forefront covers a number of specific security areas and has 'swallowed' a number of applications under this umbrella including Antigen, ISA Server, the Integrated Access Gateway (t…
Forefront Threat Management Gateway 2010 or FTMG comes with some very neat troubleshooting tools built-in when trying to identify what is actually happening behind the scenes within the product when traffic is passing through its interfaces. To the …
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now