Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

ISA and 2 Internet Routers

Status
Not open for further replies.
anthonymel

anthonymel

Technical User
Jan 4, 2005
76
US
Objective of St Mary’s Tech Plan 2005-2008

1) Gigabit Backbone-fiber optics
2) Teacher Training
3) LCD’s in more rooms
4) Discovery Channel Service
5) Full T1-Internet Connection


Here at the high school I'm planning to have two full T-1 lines installed. One for administration computers and the other for the rest of the school.

The ISA server is the default gateway for all machines. Is there a way on that server to have the administrations PCs use one router and connection and the rest of the school use other router and connection?

I know of how to do this with DHCP with user class IDs but in this case I want every computer to hit the ISA server first.

Thanks,

Anthony

 
Sort by date Sort by votes
Hi,

as far as I know: No.

It's possible to enter more than one default gateway. However, only the first entry will be used as long as it is not detected as dead. Default Gateway Behavior for Windows TCP/IP

What you could do however, is to have two ISA Servers. One for school users and the other for admin-users. Then, to make sure only admin-users are granted access, create access rules which require authentication. You could also create access rules which determines access based on Source IP address, but this is less secure, because a user might be able to use one of the "priviledged" IPs and thereby gain access.

HTH

Cheers
Knutern
 
Upvote 0 Downvote
Well if I use DHCP class ids I can hand out ip addresses based on a network card's class id. I would create a script and configure those computers used by admins to have a class id called admin. Then deploy the script through AD and computer logon. When is asks the DHCP server for an address it will see that it belongs to the class named admin and it will get an ip address and default gateway based off that class.

I can have it point to the ISA server that is behind the admin internet router. Then I would do the same for students but on the student ISA server. That way it will always go the right ISA server which would then forward the packets out to the net.

Which way would work better?

Anthony
 
Upvote 0 Downvote
I think thats a good idea anthony, but coupled with either an extra NIC card on the ISA and proper VLAN setup. You shouldn't need 2 ISA's for 2 T's worth of traffic! Segment your Admin and Student pop by vlan, much easy to manage.

What is it if a man inherits the whole world but loses his soul? -Jesus
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
290
Sameer258
Sameer258
Tommy_T
  • Locked
  • Question
Sonic wall - Have an issue remotely connectioning VNC and SMB (and AFP) to one of the 2 ISP circuits
Replies
1
Views
247
nnaarrnn
nnaarrnn
Nitta84
  • Locked
  • Question
navigation slow and tcp syc/ack drop
Replies
0
Views
209
Nitta84
Nitta84
ITSUPPORTIT
  • Locked
  • Question
VPN from ASA 5510 and RV215W problem
Replies
0
Views
79
ITSUPPORTIT
ITSUPPORTIT
ttrsux
  • Locked
  • Question
No internet access on new LAN eth0/2 1
Replies
6
Views
140
iggsterman
iggsterman

Part and Inventory Search

Sponsor

Back
Top