ISA Server 2006 configuration
Hello,
One of my clients is a software house - they design and develop software.
There current infrastructure using ISA 2006 Server, divided into two zones - internet and internal. This has worked very well until recently.
The problem is that the development team has been performing testing that affects the production network in a negative way. There run several Virtual Machine's (VM) and one of the VM is a a rogue DHCP server.
I would like to create a zone on ISA server just for R & D and call it the "Dev" zone. I would like Dev to have the same rules as internal zone.
I would also like to have almost full communication between the "Dev" and Internal zones (with a few exceptions on specific protocals) and I will use firewall rules to adjsut communication between the zones.
The ISA server has enough network ports, so creating the Dev zone should not be an issue.
I treid creating the Dev zone with its own distinxt ipo range, and encountered a few problems.
After creating the new DEV zone, firewall policies (not rules) prevent it from communicating with the internal zone although surfing the internet works; If I include the Dev ip range into the internal zone, communicating with the internal zone works but not internet.
Does anyone know how I can resolve these issues?
Thanks in advance.
Mark
One of my clients is a software house - they design and develop software.
There current infrastructure using ISA 2006 Server, divided into two zones - internet and internal. This has worked very well until recently.
The problem is that the development team has been performing testing that affects the production network in a negative way. There run several Virtual Machine's (VM) and one of the VM is a a rogue DHCP server.
I would like to create a zone on ISA server just for R & D and call it the "Dev" zone. I would like Dev to have the same rules as internal zone.
I would also like to have almost full communication between the "Dev" and Internal zones (with a few exceptions on specific protocals) and I will use firewall rules to adjsut communication between the zones.
The ISA server has enough network ports, so creating the Dev zone should not be an issue.
I treid creating the Dev zone with its own distinxt ipo range, and encountered a few problems.
After creating the new DEV zone, firewall policies (not rules) prevent it from communicating with the internal zone although surfing the internet works; If I include the Dev ip range into the internal zone, communicating with the internal zone works but not internet.
Does anyone know how I can resolve these issues?
Thanks in advance.
Mark
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you for your assistance.
Mark
Mark
Also, what is the relationship between the internal network and the DEV zone? If you want it to work like you want it to it has to be "Route" and not NAT.