Re: Help a Noobie please with opening a port
- From: "Phillip Windell" <philwindell@xxxxxxxxxxx>
- Date: Thu, 6 Sep 2007 13:30:23 -0500
Ok, yes, that's what I was wondering about toward the end of my post. I
assume a Computer Set would also work since it also uses the IP#?
--
Phillip Windell
www.wandtv.com
The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
"Jim Harrison (ISA SE)" <jmharr@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:33FE2E47-F6FB-47C7-958C-D4DE60732E3B@xxxxxxxxxxxxxxxx
Unless the WARP client is making CERN proxy requests (doubtful), domain
sets
won't work.
You'll have to use an Address Set instead.
nettrans1.novainfo.net resolves to 198.203.191.104
nettrans2.novainfo.net resolves to 198.203.192.217
--
Jim Harrison (ISA SE)
This posting implies no warranty and confers no rights.
http://catb.org/~esr/faqs/smart-questions.html
"Phillip Windell" <philwindell@xxxxxxxxxxx> wrote in message
news:ePM5wJK8HHA.5164@xxxxxxxxxxxxxxxxxxxxxxx
"Kevin" <kmahoney@xxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:6a20e3pfi037clhlfc7vl2u6lr5jqsr8d2@xxxxxxxxxx
The computer that the WARP Server is running on must be able to
establish a TCP/IP client connection on a local port between 1024-5000
and talk to a remote server listening on port 8100.
I've tried setting up a new Access rule. For protocols, I chose
'Selected Protocols' and created a new protocol using Port range
1024-5000, Protocol Type - TCP, and Direction - Outbound.
No.
1024-5000 is irrelevant, those are random Client Ports,...irrelevant.
Create a Domain Name Set:
1. Name: NOVA Servers
2. Domain list: *.novainfo.net
Create the Protocol
1. Name: WARP-NOVA
2. TCP, Start #8100 - End #8100, outbound
3. Nothing else
Create the Access Rule
1. Name: WARP Service to NOVAinfo.net
2. From: LocalHost (if on SBS) or Internal (if on other server)
3. To: NOVA Servers (the Domain Name Set above)
4. Protocol: WARP-NOVA (the protocol above)
5. Users: "AllUsers"
If the Domain Name Set does not work, ping the nettrans1 and nettrans2
servers to get the IP#s and create a Computer Set with them and use the
Computer Set instead.
If the process fails, the Monitoring Log will show that if you run it with
the query filter set to show traffic to the Computer Set or Domain Name
Set,..or you could set the filter to show only traffic originating from
LocalHost but you'll have more "noise" to weed through.
--
Phillip Windell
www.wandtv.com
The views expressed, are my own and not those of my employer, or
Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html
Troubleshooting Client Authentication on Access Rules in ISA Server 2004
http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc
Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp
Microsoft ISA Server Partners: Partner Hardware Solutions
http://www.microsoft.com/forefront/edgesecurity/partners/hardwarepartners.mspx
-----------------------------------------------------
.
- Follow-Ups:
- Re: Help a Noobie please with opening a port
- From: Kevin
- Re: Help a Noobie please with opening a port
- References:
- Help a Noobie please with opening a port
- From: Kevin
- Re: Help a Noobie please with opening a port
- From: Phillip Windell
- Re: Help a Noobie please with opening a port
- From: Jim Harrison \(ISA SE\)
- Help a Noobie please with opening a port
- Prev by Date: Re: Help a Noobie please with opening a port
- Next by Date: Re: Help a Noobie please with opening a port
- Previous by thread: Re: Help a Noobie please with opening a port
- Next by thread: Re: Help a Noobie please with opening a port
- Index(es):
Relevant Pages
|
