Re: ISA 2004 - Not processing rule?


From: Andrei Ungureanu (andreix)
Date: 02/15/05


Date: Tue, 15 Feb 2005 22:13:43 +0200

Have you tried to restart the firewall service after applying the rule?

-- 
Andrei Ungureanu
www.eventid.net
Free Windows event logs reports
http://www.altairtech.ca/evlog/

"Michael" <mike_chan_@hotmail.com> wrote in message 
news:MPG.1c7959a3d4b0feda989686@news.microsoft.com...
> I've just installed ISA 2004 Standard. It is pretty much in its default
> Edge Firewall template configuration. The external interface is picking
> up an IP address from an ISP via DHCP and this works fine through
> modification of a DHCP Replies System Policy...although I'm a bit
> skeptical about letting DHCP Replies come from the External interface -
> I had to do this because it doesn't seem to pick up an IP address if the
> lease has expired.
>
> The problem I am facing is that when I create a firewall policy with the
> following attributes:
>
> Action: Allow
> Protocol -> Selected Protocols -> My Custom Protocol (Outbound)
> From: Local Host
> To: External
> Users: All Users
> Schedule: Always
> Content Types: All Content Types
>
> My Custom Protocol (Outbound) is defined as TCP Outbound for port 5000
> to 5001. No Application Filters are enabled.
>
> I enabled this firewall policy and placed it just underneath the "Allow
> DNS to the Internet" firewall policy. It's in position 3 of the Firewall
> Policy list just above the Last Default Rule.
>
> I now start up my custom application (configured to talk to destination
> port 5000). This is what the logs tell me:
> Destination: externalhostname (IP not provided)
> Destination Port: 5000
> Protocol: My Custom Protocol (Outbound)
> Action: Denied Connection
> Rule: Default Rule
> Client IP: myexternalinterface (IP not provided)
> Source Network: Local Host
> Destination Network: External
>
> Despite tweaking with the custom firewall policy for hours now, I can't
> seem to get my ISA 2004 to recognise that the conditions are the same as
> the custom firewall policy I defined.
>
> Can anyone shed some light as to why it's doing this? Has anyone had the
> same experiences?
>
>
> Thanks.
> 

