Re: Publishing a SSH Server

Sorry, also did you restart the server after these rules were setup?

"Wilmar" wrote:

Hello Steve

I did what you suggested but didn't work either. I don't think the problem
has anything to do with the SSH server itself becauseit works fine internally
and, besides, the connection gets drop at the ISA before the external client
can even reach the SSH server which has a private address and is located in
my DMZ zone.

Anyway thanks for your answer, is there anything else you would try?

Regards,

Wilmar

"Steve Arnold" wrote:

Hi
Your unix box cannot reply to SSH request, try below?
Create a client address set for your unix box (ip address from to are the
same), then create a new site and content rule to allow your unix box
outbound access to all external, like this
Rule = enable
Destinations = all external
schedule = always
action = allowed
applies to = client address set specified below (the unix box ip address)
http content = all content groups

This worked for me on ISA 2000 and 2004, I hope this helps you

Regards

Steve




"Jim Harrison (MSFT)" wrote:

What do your ISA logs show for that traffic?
Have you gathered a network capture to see what is happening "on the wire"?
--
--
Jim Harrison [ISA SE]
Read the help, books and articles!

This posting is provided "AS IS" with no warranties, and confers no rights.

"Wilmar" <Wilmar@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:F238B6BA-7E2E-4190-807A-7F1275CC409A@xxxxxxxxxxxxxxxx
Hello Jim

In that case the server is a SecureNET client but still it doesn't work....
I'm really clueless with this thing. What would you do?

Regards

"Jim Harrison (MSFT)" wrote:

The IP settings on that box will use the ISA as the "last hop" to the Internet.
If ISA and the Linux box are in the same subnet, it will use the ISA internal IP as its default gateway.
If not, it will use the default gateway of the nearest router and your routing chain will use the ISA as the "last hop".
--
--
Jim Harrison [ISA SE]
Read the help, books and articles!

This posting is provided "AS IS" with no warranties, and confers no rights.

"Wilmar" <Wilmar@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:5F275AFB-49DA-4566-92A5-4ABAE438D95B@xxxxxxxxxxxxxxxx
I'm testing from the external network. From the internal network and from
the ISA Local I can access the SSH server without problem. Just a question:
the SSH server run on a Linux box, do you know how I make sure it's running
as a SecureNET client?

Thanks

"Jim Harrison (MSFT)" wrote:

That's a potentially important point.
Server publishing requires that the published server be configured as a SecureNET client (uses ISA as the "last hop" to the
Internet)
Web publishing does not.

Where are you testing from; internal, ISA-local or external?
--
--
Jim Harrison [ISA SE]
Read the help, books and articles!

This posting is provided "AS IS" with no warranties, and confers no rights.

"Wilmar" <Wilmar@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:3181A0DA-5D11-4D28-8502-510F81D0D89D@xxxxxxxxxxxxxxxx
Hello Jim

I also would like to let you know that in the same SSH server I'm trying to
publish, there's also a Web server that works without any problem and which I
was able to publish without any complication.

Thanks

"Jim Harrison (MSFT)" wrote:

Exactly how is your custom protocol defined?
What is the defined relationship between the two networks; NAT or route?

--
--
Jim Harrison [ISA SE]
Read the help, books and articles!

This posting is provided "AS IS" with no warranties, and confers no rights.

"Wilmar" <Wilmar@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:AB9855CA-9D3C-44E7-9277-CCDEF8C0F20E@xxxxxxxxxxxxxxxx
Hello everybody.

I'm trying to publish an internal SSH server without much success so far.
What I did was to use the Server Publishing Rule and createa SSH server
protocol listening on inbound connection to port 22 through the external
interface and redirecting the request to the internal IP address of the SSH
server. Everytime I try to connect from an external clients the connection
just gets drop by the Default Rule.

I hope anyone can give me a hint on this.

Thanks a lot.

Wilmar












.

Relevant Pages

  • Re: HTTP Redirector to Web Proxy Service not working
    ... It will forever remain a mystery why a perfectly functioning server stopped working temporarily but oh well. ... "Jim Harrison " wrote: ... > I have an existing server W2003 that was rebooted and suddenly ISA wasn't working as expected. ... The minute I set it back to "Redirect to local Web Proxy ...
    (microsoft.public.isa.configuration)
  • RE: Sercond ISA on SBS Member Server
    ... ISA on a SBS member server. ... Without a good backup, it's difficult to have the server ... - This is often used for ISA server configuration recovery. ...
    (microsoft.public.windows.server.sbs)
  • RE: Internet Usage Reports
    ... There is no other application on the SBS server box that can monitor ... internet activities as your needs rather than ISA server. ... Microsoft Internet Security and Acceleration Server 2004 is the ... Microsoft is providing this information as a convenience to you. ...
    (microsoft.public.windows.server.sbs)
  • Re: Nagging Autorization issue for Companyweb after ISA04 install
    ... Check the companyweb CNAME entry in the DNS Server. ... Does the situation occur when you access companyweb from the ISA ... > 'Microsoft Firewall' service. ... > This newsgroup only focuses on SBS technical issues. ...
    (microsoft.public.windows.server.sbs)
  • RE: OWA page not displayed Outside
    ... Open the ISA Server management console, ... On the ISA Server computer, stop the Microsoft Firewall service. ...
    (microsoft.public.windows.server.sbs)
Loading