Re: Packet filter just won't work.
From: Tristan Kington [MSFT] (tristank_at_online.microsoft.com)
Date: 04/24/04
- Next message: fahlis: "ISA 2004 issues,incedibly slow login from clients to domain!"
- Previous message: Rick Lemons: "Re: HTTP TCP port issue when port in URL"
- In reply to: Kurt Drefs: "Packet filter just won't work."
- Next in thread: Kurt Drefs: "Re: Packet filter just won't work."
- Reply: Kurt Drefs: "Re: Packet filter just won't work."
- Messages sorted by: [ date ] [ thread ]
Date: Sat, 24 Apr 2004 15:17:28 +1000
You use packet filters to provide access to the ISA Server itself, and the
DMZ (perimeter) network.
Looking at your requirements, I think you're trying to route through the ISA
Server to the internal network from the external network; that won't work,
any external net to internal net traffic must be published.
Instead, delete the packet filter and try creating a Server Publishing rule
with a Receive Send protocol definition for the protocol you want published.
-- This posting is provided "AS IS" with no warranties, and confers no rights. "Kurt Drefs" <meklaar777@yahoo.com> wrote in message news:eDx524UKEHA.2024@TK2MSFTNGP11.phx.gbl... My config is this. Internet>PIX>2 ISA Loadbalanced with Rainwall>internal. I am trying to have the PIX use an internal Syslog server. I have created a filter to allow bidirectional UDP 514 for Syslog Allow PIX Syslog Inbound\outbound Description : Allows UDP 514 in for PIX syslog logging Enabled : True Filter Mode : Allow Filter Type : Custom Protocol : UDP Direction : Inbound and Outbound Local Port : 514 Remote Port : 514 Local Computer Filter Applies to : Default External IP Remote Computer Filter Applies to : All Remote Computers The messages are not getting through. I have tried trying a rule for each individual ISA server applying it to a static external IP, stopping/restarting services, rebooting the servers, and it just won't work. IPPEXTD log 2004-04-23 15:54:38 172.16.1.1(PIX) 192.168.27.35(Syslog address)Udp 514 514 BLOCKED 172.16.1.12 (an external isa address) When I shut one ISA server down the other just takes over blocking the messages. Any input would be appreciated. Thanks Kurt
- Next message: fahlis: "ISA 2004 issues,incedibly slow login from clients to domain!"
- Previous message: Rick Lemons: "Re: HTTP TCP port issue when port in URL"
- In reply to: Kurt Drefs: "Packet filter just won't work."
- Next in thread: Kurt Drefs: "Re: Packet filter just won't work."
- Reply: Kurt Drefs: "Re: Packet filter just won't work."
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
