We help IT Professionals succeed at work.

ISA 2006 QUERY

mikey250
mikey250 asked
on

ISA 2006
 

Hi
Qns1. Im setting up a small LAN and with 1 Win 2003 DC and 1 Win 2003 'ISA 2006' Member Server as have been told it should not be part of the domain...

Qns1. Ive never configured ISA 2006 before but wanted to know if the IP Addressing scheme has to be the same on all 3 NICs ?

Qns2. Im not sure where the default-gateway should go if I had 3 NICs ?
Comment
Watch Question

Consultant
Commented:
1. The ISA can be a member server, there are some advantages for this if you are authenticating roaming users VPN connections. But by having it separate from the domain gives you a small additional layer of security of the ISA server is compromised.

2. Each NIC should have an IP Address on a different subnet
eg. Lan 192.168.1.1/24
DMZ 10.1.1.1/24
Internet 65.12.123.1/30

There should only (and can only be) one default gateway. That is the whole point of a default gateway, it is the place to send packets that do not match any routing rules. This would generally be out the internet connection.

Hope this makes sense.

Author

Commented:
Currently Im using a Residential Netgear box which also has DHCP feature which I normally disable and use my Win 2003 Dhcp.!!As a test LAN..!

Qns1. Im assuming instead of 'NAT' being used in other situations, having separate NIC's provides another ability to do the same thing ?

I currently have 2 NIC's in place so going to try that and a 3rd NIC as cant get my head around the practical side although yes separate subnetting just like 'NAT' for eg..!

The Youtube videos Ive what have showed 2 Nics but Ive only seen the video select 1 Nic so not sure why the 2nd nic wasnt added although I assume was already pre-configured and not for that specific video.  And cannot find a youtube video to show the configuration of 2 NIC's..
Andrew OakeleyConsultant
Commented:
You will still need NAT to be able to browse the internet.

Author

Commented:
Oh but when I whatched a video of installing 'ISA 2006' it did not tick the box for 'NAT'..!

Ok when I install it later today I will wait till I get to that stage and see.!!! thanks

Qns1. Should both my Win 2003 DC & Member server be part of same static subnet - ?
Andrew OakeleyConsultant

Commented:
Qns1. Should both my Win 2003 DC & Member server be part of same static subnet - ?
If you want them to be able to comunicate with each other - yes. If they are not on the same sumbet you will need a router between them.

I suggest you read up on the basics of how routing works, and also a bit about NAT. Once you have an understanding of this configuring your ISA server will be much easier

Author

Commented:
ok daft question I know..
Andrew OakeleyConsultant

Commented:
:)

Explore More ContentExplore courses, solutions, and other research materials related to this topic.