I have an edge only two-member load-balanced ISA 2004 EE array with only internal and external interfaces. I have a partner site that I need to create an IPSEC VPN tunnel with. They route to a network that has the same IP scheme that I have on my internal LAN, so we will need to NAT to each other. He is going to NAT his side behind a 150.30.0.0/16 and needs me to NAT behind 10.163.195.16/29 (this range works for me).
I've created many IPSEC VPNs before but none where the other side routed to a network with the same IP scheme as ours. I've never published a server to a private IP address. The only thing I've published was my e-mail server to a public address.
How do I publish an internal server to a specific private IP address for an IPSEC VPN partner site to access? I'm assuming I will need to add an IP address to one of the NICs? If so, which one, the external or internal? I guess I'll need to set up a NAT route rule between the VPN network and my internal?
Any help would be appreciated.
Oh, I forgot to mention; this is not a web publishing rule, but needs to be a server publishing rule for a protocol that I will define.
Leonard McCoy