Configure ISA server behind a PIX 535

Discussion in 'Cisco' started by asr, Jan 6, 2006.

  1. asr

    asr Guest

    I have a PIX 535 bundle , running 7.0. I need to setup a ISA server as
    a web proxy, Secure NAT and the Firewall client. I am planning to have
    the ISA server connected to PIX inside segment only and configure NAT
    for the ISA server on the PIX. The ISA server is connected only to the
    inside segmnet and there is no external interface. I want to find out
    if I could implemnet all 3 features according to my plan of
    configuration and what port configuartion is needed on the PIX and any
    special configuration is needed for the browser or the client PCs to
    implement all the above features on the ISA server.
     
    asr, Jan 6, 2006
    #1
    1. Advertising

  2. asr

    Town Dummy Guest

    It is possible to follow the plan that you have outlined.

    Set your inside address with this command:
    ip address inside 16.65.23.225 255.255.255.252

    The next command that will help you more than anything is the static command
    as shown below:

    static (inside,outside) 16.65.23.225 16.65.23.225 netmask 255.255.255.255
    0 0

    This will help you NOT double nat and make everything that you want to move
    through the ISA as default route out of your LAN. NAT will also be handled
    by the ISA. After we ran this setup for a year, we dumped the ISA and put
    in Websense that works with the PIX and does real Proxy. If you have the
    ISA license then go for it. If you don't then re-think the ISA.



    "asr" <> wrote in message
    news:...
    >I have a PIX 535 bundle , running 7.0. I need to setup a ISA server as
    > a web proxy, Secure NAT and the Firewall client. I am planning to have
    > the ISA server connected to PIX inside segment only and configure NAT
    > for the ISA server on the PIX. The ISA server is connected only to the
    > inside segmnet and there is no external interface. I want to find out
    > if I could implemnet all 3 features according to my plan of
    > configuration and what port configuartion is needed on the PIX and any
    > special configuration is needed for the browser or the client PCs to
    > implement all the above features on the ISA server.
    >
     
    Town Dummy, Jan 7, 2006
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Mike Harrison

    Pix 535 Failover bundle/DSL question

    Mike Harrison, Jul 12, 2003, in forum: Cisco
    Replies:
    2
    Views:
    1,095
  2. Corbin O'Reilly
    Replies:
    2
    Views:
    3,197
    Corbin O'Reilly
    May 26, 2004
  3. Ned Hart
    Replies:
    0
    Views:
    880
    Ned Hart
    Jun 6, 2004
  4. Mitch Silver

    Cisco pix 535

    Mitch Silver, Oct 14, 2004, in forum: Cisco
    Replies:
    2
    Views:
    784
    Walter Roberson
    Oct 14, 2004
  5. Adam KOSA

    pix 535

    Adam KOSA, Feb 10, 2005, in forum: Cisco
    Replies:
    1
    Views:
    566
    Roland Sonder
    Feb 11, 2005
Loading...

Share This Page