We have xp workstations connected onto a small business server acting as active directory/isa firewall/proxy (no dhcp). Is there a reason that after installing a 2nd firewall on the network (same subnet etc), that changing the default gateway on the workstations isnt sufficient to route inet traffic through the new firewall?
A freshly setup linux box connects straight on to the alternate firewall with just ip, default gateway. dns settings.
Will having ISA still active on the network confuse the process? Are there further config settings deeper down in windows that need attention?
Any ideas pointers on this would be appreciated?
Other info:
Firewalls tried: Smoothwall and Ipcop;
small ethernet netwoork 40 pcs;
can ping to new firwalls from workstations;
activating web proxy on new firewall and reconfiguring workstation browser works fine; >Point of 2nd firewall is lack of some necessary features on ISA for a linux app;
Would be nice to have some redundancy to though
Best Answer
Short answer is that just flipping DHCP should be enough.
Actually removing ISA isn't needed.
You could also consider a better edge firewall/router like the Juniper (branch) SRX line or Cisco 877.