Microsoft
Software
Hardware
Network
Question : ISA 2006 Server configuration of second intenal network
Hello,
I am currently running ISA Server 2006 standard on Windows 2003 server Standard with SP2.
I have the default networks defined, and all work as they are designed to.
I have an External, Internal, Local Host, and VPN Clients networks define.
Now I want to make some changes:
I have added a new network card. I have created a new network, which I call "virualization".
On the virtualization network, no internet access is required, no routing beyond this network. All that is required is for all machines connected to this network to be able to communicated with each other (via ip address).
Here is what I have created:
Each server is connected to this Virtualization network for the sole purpose of backups. The backup software is installed on a backup server within this virtalization network.
I want the backup software to connect to each server within this zone and pull down the data so each server can be backed up.
I want the backup server to be able to communicate with the ISA Server and pull down the data on it in order to make a backup of the ISA 2006 server.
Here is the problem I am facing (I have obviously made a config error):
I can ping from the ISA server to the backup server. The backup server cannot ping the ISA server;
On the "internal network" I can ping the ISA server from my workstation (which is part of the internal network) and I cand RDP, as well as view the hidden shares (e.g. "C-drive") of the ISA server from my worksation, but I cannot do so from the backup server in the virtualization network.
Another important note - when I had my backup server in the "Internal network", I could not pull the data from the ISA server for backup. I then added a policy rule (as a test) to allow me to back up the data, but the result was that when the backup was in progress (and reading / transfering data from ISA server), no computer on the internal network was able to communicate with the firewall server (and hence no internet access).
Another interesting thing:
I wanted to see why I cannot communicate with the ISA server from the backup server by pinging, so I checked the monitoring and I see access denied (last rule in firewall policy, deny everything).
Now when I try the same thing, ping from my workstation to the ISA server is successful, but I can find no entry in the monitoring (within ISA server management). Why would this be the case? I cannot understand why one network allows communication and one does not.
Can I accomplish what I want?
Thanks in advance.
Mark
Answer : ISA 2006 Server configuration of second intenal network
Review the ISA gui system policy - not the firewall policy.
highight the firewall policy on the left-hand pane. Open the side window on the right (the handle half way down on the right-edge if it is closed and select edit system policy.
Keith
Random Solutions
Infopath Form service comparison between SharePoint 2007 and SharePoint 2010
Shell command doesn't work on all computers
Large Calendar
Store file in mysql using connector.net and blob field
Rpc over Https
Routing and remote access VPN ip.
Mass user Migrate from LCS to OCS 2007
Windows XP - BSOD STOP: C000021a The windows logon process terminated unexpectedly with a status of 0x00000005 (0x00000000 0x00000000)
Changing fileserver password
WCF Problem: The private key is not present in the X.509 certificate.
