ISA Server 2004 Configuration Guide 245
Create the Network Rule at the Main Office
The ISA Server 2004 firewall must know what method to use to route packets to the branch
office network. There are two options: Route and NAT. A route relationship routes packets to
the branch office and preserves the source IP address of the clients who make a connection
over the site-to-site link. A NAT relationship replaces the source IP address of the client
making the connection. In general, the route relationship provides a higher level of protocol
support, but the NAT relationship provides a higher level of security.
Perform the following steps to create a Network Rule that controls the routing relationship
between the main office and branch office networks:
1. Expand the Configuration node in the left Pane of the console. Click on the Networks
node.
2. Click on the Network Rules tab in the Details Pane. Click on the Tasks tab in the Task
Pane. Click Create a New Network Rule.
3. On the Welcome to the New Network Rule Wizard page, enter a name for the rule in
the Network rule name text box. In this example, we call the rule MainBranch. Click
Next.
4. On the Network Traffic Sources page, click Add.
5. In the Add Network Entities dialog box, click the Networks folder. Double click on the
Internal network. Click Close.
6. Click Next on the Network Traffic Sources page.
7. On the Network Traffic Destinations page, click Add.
8. In the Add Network Entities dialog box, double click on the Branch network. Click
Close.
9. Click Next on the Network Traffic Destinations page.
10. On the Network Relationship page, select Route.
