SO I'm feeling pretty dumb, this is actually my second question on this. I've formatted and replaced both Network card thinking there might be some hardware failure. or a corruption in the TCP/IP stack. I'm pretty sure I'm just failing to remeber/understand a key component.
at the current time, I have a network with 3 servers, all of them have dual NICS, all 3 plug into the current old and starting to fail hardware firewall on their external NICs. in a "DMZ" subnet on the inside of the Hardware Firewall. My Goal is to remove the Hardware Firewall and replace it with an ISA server, as I have the hardware and software available. and it'll be nearly free and theoretically give us a much more fine tuned ability to block people we don't want in and to control things for our users.
currently there's an Incoming Static ISP connection with 5 IPs. it comes into a 5 port bussiness connect router set in bridge mode and attached to it is the Firewall.
External IP x.x.x.91
Internal IP 192.168.101.254
The SBS Server currently is routing and is set as
Hosting DNS, WINS, DHPC, Exchange, RRAS (NAT and VPN), Company Shared, Sharepoint using the SBS Internet connection wizard.
Other Servers are a Terminal Server (user VPN in than open RDP) and a dedicated Oracle Box.
My Goal is to remove the 192.168.101.x subnet. and replace the Firewall with an ISA server, and if it's secure enough, and a Good plan to take the routing and VPN off the SBServer and put it on the ISA server positioned at 192.168.202.254
removing a layer of NATing, and leaving a bit more Overhead for the SBServer to do the rest of it's jobs.
I'm not a security guy. but like all admin generally get the concepts and attempt to do thing in a safe manner for my clients, My plan sounds good to me, the problem is I can't seem to get the ISA server to even pull it's own updates after installing ISA 2006.