Solved

ISA server on a virtual machine

Posted on 2010-11-12
4
635 Views
Last Modified: 2012-08-14
Folks

Planing to install ISA server on a VM and deploy exchange server behind it.

Wondering if ISA server VM needs  dedicated network interfaces for internal and external networks  ... any ideas ?
0
Comment
Question by:akhalighi
4 Comments
 
LVL 15

Expert Comment

by:GreatVargas
ID: 34120760
It does not need dedicated NIC's, but for security reasons you can dedicate a NIC for the external network. Also you need that a physical NIC has physical and dedicated access to a DMZ or external network
0
 
LVL 49

Expert Comment

by:Akhater
ID: 34120766
the external NIC of ISA needs to be dedicated, the internal one can be shared
0
 

Assisted Solution

by:bryant_buckland
bryant_buckland earned 50 total points
ID: 34121207
We have our ISA Server setup with a DMZ dedicated network and then another virtual NIC for the internal.  For best security practices you really want it like this.  You could NAT from the outside firewall to the internal interface and then port forward on a separate internal IP on the same virtual NIC, but you are really defeating the security aspect of ISA to a great degree by doing this.  You can also trunk all traffic to the ESX host/Hyper V host on one physical NIC and then still add separate virtual adapters as well if the case is your host does not have separate NIC's.  In our case our host has one physical connection for the console, one for our external network (non-trunked/non-vlan tagged) and then another NIC for all the internal production VLAN tagged networks.
0
 
LVL 29

Accepted Solution

by:
pwindell earned 75 total points
ID: 34122072
Virtualize your ISA or Forefront TMG servers (Video, Jim Harrison)
http://technet.microsoft.com/en-us/edge/virtualize-your-isa-or-forefront-tmg-servers.aspx 
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SBS 2011. One user has no X400 email address 4 33
Exchange 2013 certificate 8 39
open ost file into new machine? 7 56
exchange, SPF 21 19
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
Find out what you should include to make the best professional email signature for your organization.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question