Re: allow specific IP full access, bypassing the ISA server

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

I don't take their "bi-directional" comment too seriously. So I don't think
a Publishing Rule is needed. If the traffic is initiated from inside to
outside successfully ISA will usually know how to accept any
"acknowlwdgments".

Their ICMP comments make no sense. Ping is not TCP, it is ICMP,..I don't
believe their is a "port". On traffic that I see through our devices here a
Ping always reports as port "0".
In ISA,..looking at Ping it it I see:

ICMP code: 0
ICMP type: 8
Protocol: ICMP
Direction: Send/Receive
There is no "Port".

--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------


"Asher_N" <ashernat@xxxxxxxxx> wrote in message
news:Xns99FC64D616FB71203214562@xxxxxxxxxxxxxxxx
=?Utf-8?B?cnBzcGlrZXI=?= <rpspiker@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
news:7F5ED6EA-DF81-4D8F-A64B-1A6E83478560@xxxxxxxxxxxxx:

The instruction sheet says:
1 Customer must provide a static IP
2 UDP Must be turned on for Port 2001 and programmed for
bi-directional use 3 ICMP should be turned one to allow a ping for
port 2001, bi-directional

OK.

Access rule from the panel to the monitoring station IP (if you have it),
or the;net in general, for a user defined protocol using port 2001.

Then a server publishing rule, listening on port 2001, publishing the
internal IP of the panel. The monitoring station will use the external IP
of ISA as a target.


.

Relevant Pages

  • Re: Stupid Question #1
    ... ICMP traffic exception choices under SP2 firewall, a ping still ... source or remote site scan ports until it found an open port to ... The explanation given "Sooner Al" was that SP2 firewall would always ...
    (microsoft.public.windowsxp.network_web)
  • Re: Sites not opening
    ... This is normal if the remote site is configured to not return ICMP ... responses, aka ping, traceroute and the like requests... ... security issue so most people "in the know" disable ICMP responses at the firewall. ... or using telnet, to a specific port: ...
    (microsoft.public.internet.explorer.ieak)
  • Re: allow specific IP full access, bypassing the ISA server
    ... My best guess is that the panel sends a UDP packet on port 2001 to the ... monitoring station, ... They may use 'ping' as a generic, we don't really want to tell you what's ... Their ICMP comments make no sense. ...
    (microsoft.public.isa)
  • Re: ssh on ping port?
    ... Ping absolutely *does* use a port. ... Ping is a program which sends ICMP ECHO ...
    (alt.linux)
  • network slowness/freez-up since update 10/11
    ... network problems: first the network is slow (even within a few ... network - but not the rest of the system - just locks up (can't ping ... OHCI version 1.0, legacy support ... <Parallel port bus> on ppc0 ...
    (freebsd-current)