Re: Firewall Client Extremely Chatty

"Jim Harrison (ISA SE)" <jmharr@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:0F1225CF-75CC-4A75-92AF-DBDAF5BDB5B9@xxxxxxxxxxxxxxxx
ISA does show you where FWC traffic is going - ISA has this in the
firewall
log.
All FWC traffic will include an appliation name in the "Client-Agent"
field,
along with a number that indicates the OS version.
You can see the client IP and the final destination of the request.

The FWC is as hinted at by Phil (hi Phil), a "Winsock remoter" that allows
non-proxyable traffic such as POP3, SMTP, etc. to act as if it were
located
on the ISA itself (ISA policies permitting, of course). If you deploy an
"allow all" policy set, then yes; you can use anything you want thorugh
ISA.
If you use a "deny all except" policy, then you can control who uses what.

Thank you for that information. If things are working as designed, what
should see in addition to the connections to the ISA Server on 1745/UDP from
the computers running firewall client? How will we see the endpoints in
the firewall log? Will it simulate an end to end connection and show the
source IP of the machine running firewall client together with the
destination IP of the computer on the Internet? Or will only only show
the connection from the client to the firewall, and then a separate
connection from the firewall to the actual destination?

--
Will



.

Relevant Pages