Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

ISA server on a virtual machine

Posted on 2010-11-12
4
Medium Priority
?
659 Views
Last Modified: 2012-08-14
Folks

Planing to install ISA server on a VM and deploy exchange server behind it.

Wondering if ISA server VM needs  dedicated network interfaces for internal and external networks  ... any ideas ?
0
Comment
Question by:akhalighi
4 Comments
 
LVL 15

Expert Comment

by:Antonio Vargas
ID: 34120760
It does not need dedicated NIC's, but for security reasons you can dedicate a NIC for the external network. Also you need that a physical NIC has physical and dedicated access to a DMZ or external network
0
 
LVL 49

Expert Comment

by:Akhater
ID: 34120766
the external NIC of ISA needs to be dedicated, the internal one can be shared
0
 

Assisted Solution

by:bryant_buckland
bryant_buckland earned 200 total points
ID: 34121207
We have our ISA Server setup with a DMZ dedicated network and then another virtual NIC for the internal.  For best security practices you really want it like this.  You could NAT from the outside firewall to the internal interface and then port forward on a separate internal IP on the same virtual NIC, but you are really defeating the security aspect of ISA to a great degree by doing this.  You can also trunk all traffic to the ESX host/Hyper V host on one physical NIC and then still add separate virtual adapters as well if the case is your host does not have separate NIC's.  In our case our host has one physical connection for the console, one for our external network (non-trunked/non-vlan tagged) and then another NIC for all the internal production VLAN tagged networks.
0
 
LVL 29

Accepted Solution

by:
pwindell earned 300 total points
ID: 34122072
Virtualize your ISA or Forefront TMG servers (Video, Jim Harrison)
http://technet.microsoft.com/en-us/edge/virtualize-your-isa-or-forefront-tmg-servers.aspx 
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to effectively resolve the number one email related issue received by helpdesks.
Steps to fix error: “Couldn’t mount the database that you specified. Specified database: HU-DB; Error code: An Active Manager operation fail”
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

927 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question