Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Sharing Internet connection with my VPN clients

0 views
Skip to first unread message

Mac

unread,
Jan 8, 2010, 12:40:02 PM1/8/10
to
hello,
i've got my VPN connected through VPN Firewall Routers, and it's working
smoothly, The HQ got 2 ADSL lines, One for Internet access, and the other one
"DATA LINE" for VPN connection with the other 2 branches.
my network server got 2 NIC, one as an internal interface, and the other as
an external interface.
when i got my Internet connection i add a new NIC to the server, and
re-configured my ISA setting to start from IP range 10.2.*.*/24.
Branch B with IP 10.2.*.* will connect to HQ 10.1.*.* normally. would ISA
2006 allow Branch B to go through 10.0.*.* to access the internet.
shall i route between VPN IP and Inernet NIC?

Phillip Windell

unread,
Jan 12, 2010, 1:10:32 PM1/12/10
to
"Mac" <M...@discussions.microsoft.com> wrote in message
news:A0612495-F779-4745...@microsoft.com...

> when i got my Internet connection i add a new NIC to the server, and
> re-configured my ISA setting to start from IP range 10.2.*.*/24.
> Branch B with IP 10.2.*.* will connect to HQ 10.1.*.*

What does that mean?
Please explain in a understandable way.

--
Phillip Windell

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
Technet Library
ISA2004
http://technet.microsoft.com/en-us/library/cc302436(TechNet.10).aspx
ISA2006
http://technet.microsoft.com/en-us/library/bb898433(TechNet.10).aspx

Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Troubleshooting Client Authentication on Access Rules in ISA Server 2004
http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.mspx

Microsoft ISA Server Partners: Partner Hardware Solutions
http://www.microsoft.com/forefront/edgesecurity/partners/hardwarepartners.mspx
-----------------------------------------------------


vamsheekrishnaveepuri

unread,
Mar 12, 2010, 1:36:56 AM3/12/10
to
Hi,

I have ISA 2004 facing the Internet in my HO.
ISA IP s
Public IP : 202.65.X.X
Private IP: 192.168.1.13

I have a HP Procurve router behind the ISA which connects to the Remote Branch over a P2P LL.
HP Procurve IP Settings at the HO
Private IP on eth 0/1:192.168.1.238 - Facing the HO LAN
Private IP on Ser 0/1: 10.10.10.1 -Facing the P2P Link
Default Gateway : 192.168.1.13

The HO LAN has good access to internet - with either the ISA or the HP router as the Gateway.

Cisco router IP s
Private IP on Fe 0/2: 192.168.10.65 - Facing the Remote LAN
Private IP on Ser 0/2: 10.10.10.2 - Facing the P2P Link
Only one IP route on the Cisco Router
ip route 0.0.0.0 0.0.0.0 192.168.10.65

Now both the LAN s are communicating excellently with each other.

But I'm not able to pump internet to the Remote Branch.

Pls can any one help?

Phillip Windell wrote:

What does that mean?
12-Jan-10

What does that mean?
Please explain in a understandable way.

--
Phillip Windell

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
Technet Library
ISA2004
http://technet.microsoft.com/en-us/library/cc302436(TechNet.10).aspx
ISA2006
http://technet.microsoft.com/en-us/library/bb898433(TechNet.10).aspx

Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Troubleshooting Client Authentication on Access Rules in ISA Server 2004
http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.mspx

Microsoft ISA Server Partners: Partner Hardware Solutions
http://www.microsoft.com/forefront/edgesecurity/partners/hardwarepartners.mspx
-----------------------------------------------------

Previous Posts In This Thread:

On Friday, January 08, 2010 12:40 PM
Mac wrote:

Sharing Internet connection with my VPN clients
hello,
i've got my VPN connected through VPN Firewall Routers, and it is working


smoothly, The HQ got 2 ADSL lines, One for Internet access, and the other one
"DATA LINE" for VPN connection with the other 2 branches.
my network server got 2 NIC, one as an internal interface, and the other as
an external interface.

when i got my Internet connection i add a new NIC to the server, and
re-configured my ISA setting to start from IP range 10.2.*.*/24.

Branch B with IP 10.2.*.* will connect to HQ 10.1.*.* normally. would ISA
2006 allow Branch B to go through 10.0.*.* to access the internet.
shall i route between VPN IP and Inernet NIC?

On Tuesday, January 12, 2010 1:10 PM
Phillip Windell wrote:

What does that mean?


What does that mean?
Please explain in a understandable way.

--
Phillip Windell

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
Technet Library
ISA2004
http://technet.microsoft.com/en-us/library/cc302436(TechNet.10).aspx
ISA2006
http://technet.microsoft.com/en-us/library/bb898433(TechNet.10).aspx

Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Troubleshooting Client Authentication on Access Rules in ISA Server 2004
http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.mspx

Microsoft ISA Server Partners: Partner Hardware Solutions
http://www.microsoft.com/forefront/edgesecurity/partners/hardwarepartners.mspx
-----------------------------------------------------


Submitted via EggHeadCafe - Software Developer Portal of Choice
Featured Product / Service Review: TekPub
http://www.eggheadcafe.com/tutorials/aspnet/ae6e21fa-3443-4134-9d2e-39384482c80e/featured-product--servic.aspx

Phillip Windell

unread,
Mar 16, 2010, 11:52:20 AM3/16/10
to
If the Clients are SecureNAT Clients then the "default path" must lead them
from where they are to the ISA. But Web Proxy or Firewall Clients do
not need that.

You have to add the IP Ranges of all the LAN Segments to the Addresses Tab
of the Internal Network Defintion.

You have to add a Static Route to the OS of the ISA machine that tells it
the correct interior "gateway" to reach thos other segments.

If the other LANs are not all part fo the same Domain you will have
authentication problems if you try to force authentication.


--
Phillip Windell

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------


<VamsheeKrishna Veepuri> wrote in message
news:201031213655v...@crownbeers.com...

0 new messages