Configuring the local address table
If you install Microsoft Internet Security and Acceleration (ISA) Server in firewall mode or in integrated mode, as part of the setup process, you must specify the local address table (LAT). The local address table is a table of all internal Internet protocol (IP) address ranges used by the internal network behind the ISA Server computer. ISA Server uses the LAT to control how machines on the internal network communicate with external networks.
Typically, the LAT contains all IP addresses associated with the internal network cards on the ISA Server computer, in addition to the private IP address ranges defined by the Internet Assigned Numbers Authority (IANA).
For configuration instructions, see Configure the local address table.
ISA Server can construct the LAT, based on your Windows 2000 routing table. You can also select the private IP address ranges, as defined by the Internet Assigned Numbers Authority (IANA) in RFC 1918. These three blocks of addresses are reserved for private intranets only and are never used on the public Internet.
The default LAT includes addresses known as private IP addresses. These addresses are listed in the local routing table. Because of the way ISA Server reads the routing table for Windows 2000 Server, the default LAT may not contain all of your organization's addresses. You can add these addresses manually. You can also add addresses that are not part of your network as local addresses.
The LAT is maintained centrally at the ISA Server computer. Firewall clients automatically download and receive LAT updates at preset intervals. When a Firewall client requests an object, the client checks the LAT. If an IP address request is in the LAT, then the Firewall client requests the object directly. If the IP address request is not in the LAT, the client asks the ISA Server computer to request the object on its behalf.
Secure network address translation (SecureNAT) clients do not have a local copy of the LAT. Therefore, when a SecureNAT client requests an object, the request is sent through ISA Server. If the request is to an external IP address, then ISA Server makes the request on behalf of the client.
For instructions on constructing the LAT, see Construct a local address table.
Windows 2000 routing table
When ISA Server constructs the LAT, it uses the Windows 2000 routing table to determine which address ranges in your internal network are internal. If you fail to set the routing table correctly, the ISA Server LAT may not be built correctly. This can result in a client request for an internal IP address being routed to the Internet or being redirected through the Firewall service. You can use the Windows 2000 routing utility to configure the routing table accordingly. Then, during installation, you can construct the LAT, based on your Windows 2000 routing table.
