Broadcast IP's through Sonicwall for AV Enforcement

[Lack]

We have ISA Server 2003 set up on the LAN and we are using it as Proxy Server for internet access. This allows single IP filtering for our Surfcontrol software in a Citrix environment installed on that machine. The problem? I have also installed a Sonicwall firewall as the Gateway and have turned on AntiVirus enforcemnt at the firewall. Now that we are passing through the ISA server before hitting the gateway, I can not tell Sonicwall which Satic IP's to enforce the AV as it only sees the one static from the ISA server. Is there a way to config the ISA to broadcast the actual client IP to the Gateway> Any help would be greatly appreciated.

 

[coco10]

hi, you use your isa server with nat...
you may change the relation of the networks of the isa internal and external to routing.. i never use this for that but may help you.

coco10

 

[Lack]

thx for the reply.
Any ideas on doing this/ I do have some experience with NAT, etc.

 

[coco10]

if you have isa server 2004 got o configuration/network/network rules
and there go to the rule of internet acces then
rightclick/propierties and change network relationship
to routing.


hope its helps
coco10

 

[Lack]

coco,

I changed the Network Relationship to Route but it seemed to have no affect. The Sonicwall was still only showing the IP address of that ISA Server as the only IP address connected. I tested it with my local WS and did not see any change. Could it be that a log off and relog in might be needed? Otherwise, is there something I'm missing? Should this change route the ACTUAL private static IP's from the ISA server to the Sonicwall? Thx for anything you might have...

 

[Knutern]

If you use network monitor, or some other sniffer tool, on the outside lan of the ISA, do you see the ISA external IP or the IP of the machine on the inside initiating the session?

Cheers
Knutern