MS ISA 2006 Server

RSR

RSR

RSR

Soldato
Joined
17 Aug 2006
Posts
10,053
Morning Chaps,

I've got a ISA Server related question.

This is the configuration i am going to be place it in.

Cisco 1841 > Cisco ASA 5540 > MS ISA Server > Internal Network.

It would effectively its a backend typical setup, there is going to be a DMZ off the Cisco ASA as well.

I would need to open ports between the ASA and ISA which is easy enough to for normal network traffic.

However, my main question is we current use the Cisco ASA for our VPN clients coming to to our network. Whats the best way to pass these thru on to our internal network? Do i allow access to the range of IP address give thru the ASA on to the internal network or do i have to forward a set number of ports?

Has any one else set up a like this? If so what where "the gotta ya's"

Thanks

Andy
 
Last edited:
Skidilliplop said:
Are you wanting to pass the VPN through to the Local servers or are you endpointing the VPN on the ASA?
Click to expand...

The ASA should be the endpoint. However, the ASA authenticates against AD.

So would i allow access to the IP address / range given by the ASA, thru ISA?

Thanks

Andy
 
Hi Mate,

Yes the VPNs endpoint is the ASA, this then gives the user its IP address from a range on the ASA. Yes they are on a private IP range and the ISA is going to be doing the NATing.

Thanks

Andy
 
Cool, thanks for the info.

Yea i had pretty much options one and two in my head. I am just trying to get all my planning done for the weekend.

Thanks again.

Andy
 
You must log in or register to reply here.
Back
Top Bottom