Announcement

Collapse
No announcement yet.

isa server 2004 setup

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • isa server 2004 setup

    Hey,

    Currently running a ISA server though it is not running on the gateway IE; at the moment only as a web proxy.

    So want to move it to another server running two NICS so that all internal traffic is forced to go through it to get out.

    Now my question is the Cisco router in use at the moment is doing the DHCP for the internal subnet though if i put a ISA server in between the router and internal network will the router's new internal addressing affect the DHCP operations for the old internal network.

    Thanks in advance, made it as clear as possible........... better say thanks again

  • #2
    Re: isa server 2004 setup

    I would strongly recommend against having your internal DHCP coming through the ISA External interface. Firstly you'll have to open extra ports up to allow DHCP traffic through, and secondly machines that are not protected by ISA will be able to contact your DHCP device. This is a pretty major security hole.

    ISA operates best as an edge device, so I'd have internet->ISA and if you still need the Cisco have it connected to the ISA's internal NIC and then the internal network behind. Ideally though I'd do away with the Cisco (unless you have need of it E.g VPN users) and have a DC on the internal network doing DHCP.

    This of course assumes you are running an AD domain.
    BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
    sigpic
    Cruachan's Blog

    Comment


    • #3
      Re: isa server 2004 setup

      ok well noted doing DHCP internally can be achieved.

      So ISA server will have two NICS right with

      NIC1 (internal)
      having existing gateway IP and subnet currently in use

      NIC2 (external)
      having new IP and subnet created that connects to the Cisco routers Fe0 port right.

      This makes sense to me, so is this ok?

      And yes there is an AD domain running.

      Thanks again

      Comment


      • #4
        Re: isa server 2004 setup

        This link from isaserver.org specifies how you should setup your NICs for ISA.
        BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
        sigpic
        Cruachan's Blog

        Comment


        • #5
          Re: isa server 2004 setup

          what i was thinking was correct......... that's great

          thanks again

          Comment

          Working...
          X