Re: Firewall client behavior with a modem
- From: "Phillip Windell" <philwindell@xxxxxxxxxxx>
- Date: Mon, 24 Mar 2008 09:38:52 -0500
"UnderCoverGuy" <UnderCoverGuy@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:BB551755-D275-4787-A9CD-628018C7F20D@xxxxxxxxxxxxxxxx
I have to wonder - why would or how does the firewall client impact a
local
workstation modem connection? Is there a way to exclude the modem from
the
local workstation firewall client configuration?
The Firewall Client works as a Winsock Layer Service Provider (LSP) so it
operates at a much higher level than the modem connection. Therefore the
Firewall Client will "see" the traffic long before it ever gets down to the
level where it gets passed accross the modem. Since the Destination is not
"on the LAN" the Firewall Client interprets it to be "out on the internet"
and sends it out the ISA,...where it obviously and subsequently fails.
You have a couple options:
1. If the Dialup is using TCP/IP and you know what the IP Range that is
being used by the connection,...you can add the IP Range to the Addresses
Tab of the Internal Network Definition.
2. Or you can teach the user to right-click on the Firewall Client Icon by
the Clock,...set it to disabled,...use the Dialup connection,...when
finished with the Dialup Connection go back and re-enable the Firewall
Client.
We have always used this one in similar situations.
3. Find another way to use the product that currently uses the Dialup. A
Dialup is a "cave-man" technology from back when we used pull-ropes and a
choke to start computers. The company the product comes from needs to come
out of the dark ages and come up with a new method of making their services
available to you.
Also,..before anyone asks,...VPN will not solve the problem,...it will be
the *same* problem because VPN is also a Dialup based technology. It
doesn't matter if it is a real dialup adapter (modem) or a virtual dialup
adapter (VPN),...it is still a Dialup Adapter,...the Virtual one just uses
an IP# in place of the phone number but in the end it is operated by the
same principles.
--
Phillip Windell
www.wandtv.com
The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html
Troubleshooting Client Authentication on Access Rules in ISA Server 2004
http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc
Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.mspx
Microsoft ISA Server Partners: Partner Hardware Solutions
http://www.microsoft.com/forefront/edgesecurity/partners/hardwarepartners.mspx
-----------------------------------------------------
.
- Prev by Date: Re: ISA Server CLient for MAC
- Next by Date: RE: How to block Gmail
- Previous by thread: ISA Server CLient for MAC
- Next by thread: RE: How to block Gmail
- Index(es):
Relevant Pages
|
Loading
