ISA 2004 - Not processing rule?

From: Michael (mike_chan__at_hotmail.com)
Date: 02/13/05

    Date: Sun, 13 Feb 2005 12:22:10 +1100
    
    

    I've just installed ISA 2004 Standard. It is pretty much in its default
    Edge Firewall template configuration. The external interface is picking
    up an IP address from an ISP via DHCP and this works fine through
    modification of a DHCP Replies System Policy...although I'm a bit
    skeptical about letting DHCP Replies come from the External interface -
    I had to do this because it doesn't seem to pick up an IP address if the
    lease has expired.

    The problem I am facing is that when I create a firewall policy with the
    following attributes:

    Action: Allow
    Protocol -> Selected Protocols -> My Custom Protocol (Outbound)
    From: Local Host
    To: External
    Users: All Users
    Schedule: Always
    Content Types: All Content Types

    My Custom Protocol (Outbound) is defined as TCP Outbound for port 5000
    to 5001. No Application Filters are enabled.

    I enabled this firewall policy and placed it just underneath the "Allow
    DNS to the Internet" firewall policy. It's in position 3 of the Firewall
    Policy list just above the Last Default Rule.

    I now start up my custom application (configured to talk to destination
    port 5000). This is what the logs tell me:
    Destination: externalhostname (IP not provided)
    Destination Port: 5000
    Protocol: My Custom Protocol (Outbound)
    Action: Denied Connection
    Rule: Default Rule
    Client IP: myexternalinterface (IP not provided)
    Source Network: Local Host
    Destination Network: External

    Despite tweaking with the custom firewall policy for hours now, I can't
    seem to get my ISA 2004 to recognise that the conditions are the same as
    the custom firewall policy I defined.

    Can anyone shed some light as to why it's doing this? Has anyone had the
    same experiences?

    Thanks.

