Solved

Setting Up ISA Behind ADSL

Posted on 2009-04-13
3
984 Views
Last Modified: 2013-12-14
Hi. I'm setting up a ISA 2006 Enterprise server behind my DSL router. We host several websites and a few FTP servers.  I have a static IP. I'm wanting to see if I have the right idea for this to work.

Plan
Set the router to transparent bride. Give the WAN NIC of ISA my Static IP Address.
Problem - Still need to authenticate somehow with my ISP - Qwest

Plan 2
Keep the router as is currently
Set ISA in the DMZ
Forward all traffic to ISA and delegate from there.

Which is better? Is there another way to do this? Any and all advice is greatly appreciated!
0
Comment
Question by:dsmjeff
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 7

Expert Comment

by:hau_it
ID: 24145216
If i was you i would do the following.

1 setup the ISA in SBS 2003 server
2 create a domain
3 Configure the ISA with two NIC one for the domain and one attached to the DSL router
4 Create NAT in the DSL router for the web and ftp services
5 Publish the web sites and ftp to the ISA

It s not easy. there are many things to do but it is an interesting task.

Dimitris
0
 

Author Comment

by:dsmjeff
ID: 24147609
Thanks.

We already have the domain setup on a Server 2003 box. We do have a copy of SBS 2003, but only use it for Exchange and one of the DC's. I'd prefer not to make it my firewall as well, just for the fact that if that box fails, I'm in deep trouble!! :)

On your number 4, your saying just punch holes through for the current FTP/Web sites and push them all to ISA and publish through there?

How would that work? For example, I'm having issues right now trying to set the WAN NIC to my public IP. I only have one static, is that enough? Do I just set my routers internal IP Structure to be ISA's WAN NIC?

Thanks!
0
 
LVL 7

Accepted Solution

by:
hau_it earned 500 total points
ID: 24147760
In every aspect you have a single point of failure. Either it is the router or the server or the ISA.
The ISA config it is very easy to export and import it again in case of a failure

Now in number 4 what i am saying is that in your router you will do static NAT to your inside IP address. If it is one server that hosts the web and ftp sites its ok. But if they are more then you need more IPs.
This static NAT will point to the external IP of the ISA (the one not in your domain).
All of the websites will be published to the ISA server
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

There are several problems reported according slow link speeds or poor performance in TMG 2010, UAG 2010 or ISA 2006. I want to collect here some of the common issues together to give a brief overview what can be the reason. Nevertheless, not all of…
Common practice undertaken by most system administrators is to document the configurations and final solutions of anything performed by them for their future use and reference. So here I am going to explain how to export ISA Server 2004 Firewall pol…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question