Here is my situation which I'm not sure of the best way to go. I have a
SBS
2003 with ISA Server 2004. The ISA server has two NIC's, one internal,
and
one external. The external is connected directly to the cable internet.
The
internal is plugged into our network which has access to the internet
through
ADSL. Our ADSL is setup through a sonic wall which has two office VPN
connections set through it. The problem is if the default gateway is
setup
on the NIC with cable the users connected through the VPN are rejected by
ISA
specifying a spoofed IP problem. If I switch the gateway to go through
the
sonicwall, everything works fine, but our websites/exhange no longer
function
because they want to go out the cable connection.
My quest is... is there a way to force the ISA/SBS to access our internal
gateway if the IP range is that of the VPN clients, otherwise use the
cable/external gateway. I could get this going by duplicating VPN
connections, but it seems to me there must be a better way the duplicating
a
VPN just for the SBS. All machines through the VPN can see the SBS, but
they
just get blocked/rejected. The SBS can't see the VPN clients because the
clients can't be accessed through the external gateway.
|
