Link to home
Create AccountLog in
Avatar of mikey250
mikey250

asked on

ISA 2006 - DOES IT HAVE TO BE STANDALONE LINKED TO MY DC

My intention is to setup a Win 2003 DC with 3 host pcs and a separate Win 2003/ISA 2006 server to be the firewall so I can also learn about ISA 2006 is the objective.  I have no spare cash so cannot buy ASA etc etc

Qns1. Does my ISA 2006 have to be installed on a separate box but not as a DC but just connected to the domain - ?

This is the list below I was given so wanted to confirm:

In simple terms, this is the supported options...

ISA 2000 - NON-DC - Windows 2000/Windows 2003 - 32-bit only
ISA 2000 - DC - SBS2000/SBS2003 - 32-bit only
ISA 2004 - NON-DC - Windows 2003 - 32-bit only
ISA 2004 - DC - SBS2003 - 32-bit only
ISA 2006 - NON-DC - Windows 2003 - 32-bit only
TMG 2010 - Non-DC - Windows W2008SP2/Windows 2008R2 - 64-bit only
TMG 2010 - Read Only DC - Windows W2008SP2/Windows 2008R2 - 64-bit only
ASKER CERTIFIED SOLUTION
Avatar of Paul MacDonald
Paul MacDonald
Flag of United States of America image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
Avatar of mikey250
mikey250

ASKER

Hi thats good to know as Ive decided to separate both my DC Server and ISA 2006 on separate member server NOT DC as you mention..

Ive read here:  http://technet.microsoft.com/en-us/library/bb838661.aspx - That only 1 nic can be used as per comments:

You can install ISA Server 2006 on computers with a single network adapter. Typically, you will do so when another firewall is located on the edge of the network, connecting your corporate resources to the Internet. In this single network adapter scenario, ISA Server typically functions as a Web proxy server or a cache server, caching content from the Internet, for use by clients on the corporate network. If you install a single network adapter, you only need to update the internal network adapter table, which is shown in the next section.

Qns1. What do you recomend 1 or 2 - ?
SOLUTION
Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
Hi I only have the following equipment to play with which is specifically for test purposes and no real traffic:

5 x 32bit Pentium 3 pc/servers that Ive always used with Win 2003 & host pcs & 1 laptop

I currently have a 'Residential Netgear box'  When I use my Win 2003 DHCP I normally disable my Netgear Dhcp to continue

Once Ive basically setup ISA 2006 I will introduce some routers & switches to make it more real more than likely 1 router or 2:

- 3 x 2500
- 2 x 2600
- 2 x 3600
- 4 x 2950 switch
I have no firewall except for ISA 2006 hence wish to use to act as my only firewall.

Once done I can link to one of my routers and configure: CBAC which will be the firewall via my router so the setup could be as you imply:

First firewall ISA 2006
2nd firewall via my Router/CBAC already configured
off of the Router/CBAC I could have my Netgear router or something like this

Will have to think about network diagram of how it will look though..
I'd recommend you practice most with whichever configuration you plan on implementing.  In the testbed, you can try both, but ultimately you should spend the most time working with the configuration you think you'll deploy.
ok..