Re: "Opening ports"
- From: "Gary S. Terhune" <grystnews@xxxxxxxx>
- Date: Fri, 22 Sep 2006 17:45:19 -0700
Well, that's what I thought it should look like. But even with things set as
From=Internal & Local Host, To=External Protocol allow TCP port 5656
outbound, it's denied access. When filtering log on port 5656, I noticed
that the Client IP of entries is our external IP, so I filtered on that
instead. The only things that show up involve the PartsExpress5656 rule:
Destination IP=(partsexpress247.com), port=5656, Client IP=(our public IP),
Action=Denied connection.
--
Gary S. Terhune
MS MVP Shell/User
"Phillip Windell" <@.> wrote in message
news:OBq9N6p3GHA.696@xxxxxxxxxxxxxxxxxxxxxxx
Assuming there isn't anything "weird" with it that I don't knowabout,..the
rule would be like this:see
Create Protocol:
Name: PartsExpress5656
Port Range: 5656 - 5656 (start/end number same = single number)
Direction: Outbound
Create Domain Name Set (unless you wish to use "External")
Name: PartsExpress247
Domain name: "partsexpress247.com"
Create Access Rule
Name: Parts Express 247
Source: Internal (if App runs from the SBS, use "LocalHost")
Destination: External or use "PartsExpress" (the Domain Name Set)
Protocol: "PartsExpress5656"
Users: "All Users" (= "anonymous", and may be required here)
If it fails, go the the Live Log in the Monitoring section and set the
filter to only show traffic from the specific Client then try again and
what it shows. The may be other hidden Domain Names and ports that haven'thttp://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc
been disclosed to you.
--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html
Troubleshooting Client Authentication on Access Rules in ISA Server 2004
http://www.microsoft.com/technet/prodtechnol/isa/2004/deploy/dgisaserver.mspx
Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp
Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp
Deployment Guidelines for ISA Server 2004 Enterprise Edition
-----------------------------------------------------I
"Gary S. Terhune" <grystnews@xxxxxxxx> wrote in message
news:e3WyIup3GHA.836@xxxxxxxxxxxxxxxxxxxxxxx
Yeah, yeah, I know that's not exactly how it's done in ISA, but what do
smalldo
with the following?
ISA 2004 Standard on SBS 2003 machine. Primary application for this
outboundaircraft shop is a specialized shop management app, .Net something or
other
using a SQL database. App needs to update on a fairly regular basis, but
the
update is manual.
The update fails from behind ISA 2004. If I disable the firewall, the
update
goes through. Best the tech has given me suggests that port 5656
should be opened, that it's seeking "partsexpress247.com,5656, using
ADO.NET
(.Net 1.1) to connect to our SQL server to check version."
Any assistance would be greatly appreciated. I can't quite connect the
dots.
--
Gary S. Terhune
MS MVP Shell/User
.
- Follow-Ups:
- Re: "Opening ports"
- From: Gary S. Terhune
- Re: "Opening ports"
- References:
- "Opening ports"
- From: Gary S. Terhune
- "Opening ports"
- Prev by Date: "Opening ports"
- Next by Date: Re: "Opening ports"
- Previous by thread: "Opening ports"
- Next by thread: Re: "Opening ports"
- Index(es):
Relevant Pages
|
