CSS can't talk to array members in workgroup config
- From: R5 <R5@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 10 Sep 2008 13:43:05 -0700
We have a single NIC ISA 2006 SP1 server sitting on a DMZ network of our PIX.
The CSS is on the internal network. I have verified the PIX is not the
problem, or at least is most likely not the problem. I used the FWEngMon.exe
tool and allowed access between the CSS and Array member, then the CSS was
able to see the Array memeber, no problem. What's strange is Array member
has no problem seeing the CSS and is able to make changes to the
configuration. This is usally the other way around (harder to get from DMZ
to inside that vise versa), but futher proves the PIX isn't the problem since
it allows traffic from the inside to the less trusted network by default, but
blocks everything from the less trusted to the internal side.
The array member seemed to be blocking some sort of RPC traffic (stuff on
port 1035), but I couldn't come up with a rule to allow incoming tcp 1035
traffic (am I retarded?), but could make only an Outgoing rule (wtf?).
I'm assuming 1035 is being used for authentication, I've opened these ports
on webservers on the DMZ to the DCs before.
.
- Follow-Ups:
- Re: CSS can't talk to array members in workgroup config
- From: Jim Harrison \(ISA SE\)
- Re: CSS can't talk to array members in workgroup config
- Prev by Date: online kredit oesterreich kredite beantragen online kredit forum kredite ohne schufa serioes online credit ohne schufa
- Next by Date: Re: CSS can't talk to array members in workgroup config
- Previous by thread: online kredit oesterreich kredite beantragen online kredit forum kredite ohne schufa serioes online credit ohne schufa
- Next by thread: Re: CSS can't talk to array members in workgroup config
- Index(es):
Relevant Pages
|
Loading
