Re: NAT question
- From: Dom <invalid@xxxxxxxxxxxxxxx>
- Date: Wed, 06 Sep 2006 22:22:57 -0500
On Wed, 2006-09-06 at 13:15 -0700, K.J. 44 wrote:
I am running a router connected to a firewall connected to a single
server running Windows Server 2003, Exchange, and ISA. I want to use
ISA as another layer of defense so the server is multihomed. the Lan
is connected to one NIC and the other NIC is connected to the firewall.
wan___router___firewall___isa___lan
Really bad to depend on windows for network connectivity. Suppose you'll
be learning that lesson the hard way.
My question is this. No matter what traffic is sent, whether it is
from the server or a PC on the other side of the server, it will have a
source address of the NIC connected to the firewall right? because ISA
is a proxy, it makes all requests on behalf of the clients?
If I recall, ISA has proxy support for http/https and limited support
for ftp. Be aware that proxy implementation will likely break certain
features of both protocols. Other traffic will probably traverse isa as
routed.
having a static NAT translation to pass information to Exchange doesn't
make sense because all traffic will have the same source IP when it
gets to the firewall.
Like I say, probably not. Put a packet sniffer on it and find out for
yourself. You still need to get public traffic to the exchange server
somehow. Nat it or route it... doesn't matter. They both work.
.
- Follow-Ups:
- Re: NAT question
- From: K.J. 44
- Re: NAT question
- References:
- NAT question
- From: K.J. 44
- NAT question
- Prev by Date: Re: Cisco VPN Gateway: simultaneously accept IKE and forward it to another GW inbound, on same public IP address
- Next by Date: Re: PIX: Confused about the from / to aspect of access list syntax
- Previous by thread: NAT question
- Next by thread: Re: NAT question
- Index(es):
Relevant Pages
|
