RE: ISA configuration - BlackBerry Enterprise Server on SBS2K

From: Dana Becker [MSFT] (danabeck_at_online.microsoft.com)
Date: 04/30/04 

Date: Fri, 30 Apr 2004 12:44:07 GMT

Hello Jim,

When you created your packet filters in ISA to test the BES functionality,
did this work? From what you have listed it should work, and if it does,
then I would focus on trying to restrict the packet filters if security is
a concern. (Direction not being Both, etc)

As for the firewall client on the server....you definitely do not want to
attempt that.

Also, from what I know of BES, it is not recommended to install/run that on
the same server that Exchange is running on. I haven't checked the latest
documentation to see if that has changed or not, but you might want to keep
that into consideration as you configure your server as well.

Regards,

Dana Becker
Microsoft Small Business Server Support

This posting is provided "AS IS" with no warranties, and confers no rights.

|
| I'm trying to get a BlackBerry server running on my SBS.
|
| Does anyone, or anyone you know, run a BlackBerry
| Enterprise Server on their SBS2K? (A "Yes" on this one
| would be huge. Be my yes.)
|
| The current headache is ISA configuration. I haven't even
| installed the software, instead focusing on getting a
| positive result from their connectivity test program. The
| BES needs outbound access on port 3101 to BlackBerry's
| servers. It also needs either a transparent proxy
| connection, or outbound port forwarding.
|
| First, port 3101. I believe I need to create 2 IP Packet
| Filters - 1 TCP, 1 UDP. Here they are:
|
| Filter Name: SRP Connection TCP
| Protocol: TCP
| Direction: Both (overkill - was in random tweak mode)
| Local port: Fixed - 3101
| Remote port: All ports
| Filter applies to: Default external interface IPs
| And: All remote computers
|
| Filter Name: SRP Connection UDP
| Protocol: UDP
| Direction: Both
| Local port: Fixed - 3101
| Remote port: All ports
| Filter applies to: Default external interface IPs
| And: All remote computers
|
| Doesn't that make a bigger than needed hole in my firewall?
|
| And the transparent proxy/outbound port forwarding:
| I'm at a loss, here. Can you bypass the proxy for local
| requests? Should I put the firewall client on the SBS?
| (that sounds evil) Is outbound port forwarding possible
| with an ISA Server?
|
| Did I ask if anyone ran a BES on their SBS2K?
|
| TIA
|
| Jim
|

Relevant Pages

  • Re: Assistance Setting up IP Filtering in a 2003 Routing Remote Access Server
    ... and music streaming servers use port 80 for streaming. ... How can I filter out this non work related traffic? ... Routing server: Windows 2003 server standard w/two NICs on external to ... Workstation Internet Access: ...
    (microsoft.public.windows.server.networking)
  • Re: Explain this one- ITs BAAACCCCKKK!
    ... very slowly, when the main server was very slow or didn't work), cept for a ... specific slowdowns is if Comcast was trying to filter port 80 traffic, ... or that users were somehow overusing port 80. ... You can watch the signal levels ...
    (alt.internet.wireless)
  • Re: TCP/IP Filtering - cant browse Internet
    ... Using the port filter on the interface usually does not work because it does ... not allow for port redirection on outbound connections. ... As long as no one ever uses this server as a workstation (i.e. browsing the ...
    (microsoft.public.win2000.security)
  • Re: TCP/IP Filtering - cant browse Internet
    ... Using the port filter on the interface usually does not work because it does ... not allow for port redirection on outbound connections. ... As long as no one ever uses this server as a workstation (i.e. browsing the ...
    (microsoft.public.win2000.security)
  • Re: BlackBerry Dienste
    ... Intern habe ich den Server, wo der BES Server eingerichtet ist eingestellt ... Richtung: Senden Empfangen ... Port 3101 bis 3101 ...
    (microsoft.public.de.german.isaserver)