M
Majstor
Hello,
We have gateway to Internet with both RRAS (both for VPN service and routing
internal users to Internet) and ISA "proxy".
Now, most computers have no need for Internet applications except basic
few, so have no "default gateway" and the only way out is by ISA proxy
(HTTP,HTTPS,FTP).
Some computers need to use other Internet applications so they have default
gateway, and use RRAS for NAT and routing.
Now,
There is a problem with RRAS NAT. It seems like it cannot "find" internal IP
address in return. It reflects like connections being broken, or at least
unstable.
But, when I reserve public IP address for specific internal IP address in
"RRAS/ IP routing / Public interface/ Address pool/ Reservations", it works
OK.
But for me, this is not idea of how NAT should work.
1) Does RRAS NAT coexist peacefully with ISA "proxy"? As far as I know
"proxy" uses only public address of computer and you cannot reconfigure it.
2) In RRAS you can set a pool of public IP addresses, and (if needed)
reserve for specific internal IP address.
Do I need to use it at all? By default, RRAS "public pool" is empty and
RRAS NAT client is assigned only one address: the one of public interface. I
tried experimenting with other public adresses or a few of them in RRAS
"public pool". Of course, I have 2 interfaces: public and internal and
translation is only on public one.
How should this be configured?
3) Does it make problem if you include the public address of server in RRAS
"public pool". This is the same one that proxy uses!
4) Are these problems with RRAS NAT due to bad configuration or RRAS NAT is
garbage? Would this work normally with ISA NAT?
Regards,
Vladimir
We have gateway to Internet with both RRAS (both for VPN service and routing
internal users to Internet) and ISA "proxy".
Now, most computers have no need for Internet applications except basic
few, so have no "default gateway" and the only way out is by ISA proxy
(HTTP,HTTPS,FTP).
Some computers need to use other Internet applications so they have default
gateway, and use RRAS for NAT and routing.
Now,
There is a problem with RRAS NAT. It seems like it cannot "find" internal IP
address in return. It reflects like connections being broken, or at least
unstable.
But, when I reserve public IP address for specific internal IP address in
"RRAS/ IP routing / Public interface/ Address pool/ Reservations", it works
OK.
But for me, this is not idea of how NAT should work.
1) Does RRAS NAT coexist peacefully with ISA "proxy"? As far as I know
"proxy" uses only public address of computer and you cannot reconfigure it.
2) In RRAS you can set a pool of public IP addresses, and (if needed)
reserve for specific internal IP address.
Do I need to use it at all? By default, RRAS "public pool" is empty and
RRAS NAT client is assigned only one address: the one of public interface. I
tried experimenting with other public adresses or a few of them in RRAS
"public pool". Of course, I have 2 interfaces: public and internal and
translation is only on public one.
How should this be configured?
3) Does it make problem if you include the public address of server in RRAS
"public pool". This is the same one that proxy uses!
4) Are these problems with RRAS NAT due to bad configuration or RRAS NAT is
garbage? Would this work normally with ISA NAT?
Regards,
Vladimir