SBS & ISA

From: Aart Jansen (aart_at_*remove*hayes.co.nz)
Date: 08/03/04

• Next message: Jimbo: "Re: Has *anyone* been able to get VPN working with Linksys BEFSR41 Router??"
• Previous message: Frank McCallister: "Re: Slow Shutdown"
• Next in thread: Mike Lieser [MSFT]: "RE: SBS & ISA"
• Reply: Mike Lieser [MSFT]: "RE: SBS & ISA"
• Messages sorted by: [ date ] [ thread ]

---

Date: Tue, 3 Aug 2004 13:44:43 +1200

Hi, previously posted and got good information about how to create a
protocol definition for this to allow client access out. But I am still
struggling to get it to work
Here is my progress...
With Protocol def allow port 3000 1 TCP, 1 UDP,(both have additional TCP
20000-20010 (inbound), UDP 2000-20010 (send recive) and prot rule allow
both protocols

And here is the contents of the fws log
#Software: Microsoft(R) Internet Security and Acceleration Server 2000
#Version: 1.0
#Date: 2004-07-30 00:01:09
#Fields: c-ip cs-username c-agent date time s-computername r-host r-ip
r-port time-taken cs-bytes sc-bytes cs-protocol cs-transport s-operation
sc-status sessionid connectionid
10.0.0.65 SYSTEM NDETECT.EXE:3:4.0 2004-07-30 00:01:09 SERVER
www.symantec.com 210.55.204.200 - - - - - - GHBN 0 73 0
10.0.0.65 SYSTEM LUCOMS~1.EXE:3:4.0 2004-07-30 00:01:20 SERVER
liveupdate.symantecliveupdate.com 210.55.204.200 - - - - - - GHBN 0 74 0
10.0.0.65 SYSTEM LUCOMS~1.EXE:3:4.0 2004-07-30 00:01:20 SERVER -
210.55.204.200 80 - - - 80 TCP Connect 0 74 161
10.0.0.65 SYSTEM LUCOMS~1.EXE:3:4.0 2004-07-30 00:01:21 SERVER -
210.55.204.200 80 47 - 2023 80 TCP Connect 20001 74 161
10.0.0.73 - - 2004-07-30 00:20:10 SERVER - - - - - - 0 UDP Bind 0 75 162
10.0.0.73 - - 2004-07-30 00:20:10 SERVER - 202.27.184.3 53 - - - 53 UDP
UdpMap 0 75 162
10.0.0.73 - - 2004-07-30 00:21:10 SERVER - 202.27.184.3 53 61156 - - 53 UDP
UdpMap 20000 75 162
10.0.0.73 - - 2004-07-30 00:21:10 SERVER - - - 61156 - - 0 UDP Bind 20001 75
162
#Software: Microsoft(R) Internet Security and Acceleration Server 2000
#Version: 1.0
#Date: 2004-07-30 01:21:52
#Fields: c-ip cs-username c-agent date time s-computername r-host r-ip
r-port time-taken cs-bytes sc-bytes cs-protocol cs-transport s-operation
sc-status sessionid connectionid
10.0.0.22 - - 2004-07-30 01:21:52 SERVER - 207.46.134.92 80 62 - - 80 TCP
Connect 0 2 1
10.0.0.22 - - 2004-07-30 01:21:52 SERVER - 207.46.134.92 80 172 - 2383 80
TCP Connect 20001 2 1
10.0.0.22 - - 2004-07-30 01:21:53 SERVER - 207.46.134.92 80 - - - 80 TCP
Connect 0 2 2
10.0.0.22 - - 2004-07-30 01:21:53 SERVER - 207.46.134.92 80 - - 2176 80 TCP
Connect 20001 2 2
10.0.0.22 - - 2004-07-30 01:21:53 SERVER - 207.46.134.92 80 - - - 80 TCP
Connect 0 2 3
10.0.0.22 - - 2004-07-30 01:21:53 SERVER - 207.46.134.92 80 - - 2176 80 TCP
Connect 20001 2 3
10.0.0.22 - - 2004-07-30 01:21:53 SERVER - 207.46.197.59 80 - - - 80 TCP
Connect 0 2 4
10.0.0.22 - - 2004-07-30 01:21:53 SERVER - 207.46.197.59 80 - - 1969 80 TCP
Connect 20001 2 4
10.0.0.22 - - 2004-07-30 01:21:53 SERVER - 207.46.197.59 80 - - - 80 TCP
Connect 0 2 5
10.0.0.22 - - 2004-07-30 01:21:53 SERVER - 207.46.197.59 80 - - 1969 80 TCP
Connect 20001 2 5
10.0.0.22 - - 2004-07-30 01:21:53 SERVER - 207.46.197.59 80 - - - 80 TCP
Connect 0 2 6
10.0.0.22 - - 2004-07-30 01:21:53 SERVER - 207.46.197.59 80 - - 1969 80 TCP
Connect 20001 2 6
10.0.0.22 - - 2004-07-30 01:21:53 SERVER - 207.46.197.59 80 - - - 80 TCP
Connect 0 2 7
10.0.0.22 - - 2004-07-30 01:21:53 SERVER - 207.46.197.59 80 - - 1969 80 TCP
Connect 20001 2 7
10.0.0.28 roger spoolsv.exe:3:5.1 2004-07-30 01:30:43 SERVER - 163.7.4.50
3000 47 - - 3000 TCP Connect 0 3 8
10.0.0.28 roger spoolsv.exe:3:5.1 2004-07-30 01:31:26 SERVER - 163.7.4.50
3000 42531 - - 3000 TCP Connect 20001 3 8
#Software: Microsoft(R) Internet Security and Acceleration Server 2000
#Version: 1.0
#Date: 2004-07-30 01:32:50
#Fields: c-ip cs-username c-agent date time s-computername r-host r-ip
r-port time-taken cs-bytes sc-bytes cs-protocol cs-transport s-operation
sc-status sessionid connectionid
10.0.0.28 roger spoolsv.exe:3:5.1 2004-07-30 01:32:50 SERVER - 163.7.4.50
3000 - - - 3000 TCP Connect 0 2 1
10.0.0.73 - - 2004-07-30 01:33:03 SERVER - - - - - - 0 UDP Bind 0 3 2
10.0.0.73 - - 2004-07-30 01:33:03 SERVER - 202.27.184.3 53 - - - 53 UDP
UdpMap 0 3 2
10.0.0.73 - - 2004-07-30 01:33:39 SERVER - - - - - - 0 UDP Bind 0 3 3
10.0.0.73 - - 2004-07-30 01:33:39 SERVER - 202.27.184.3 53 - - - 53 UDP
UdpMap 0 3 3
10.0.0.73 - - 2004-07-30 01:33:55 SERVER - - - - - - 0 UDP Bind 0 3 4
10.0.0.73 - - 2004-07-30 01:33:55 SERVER - 202.27.184.3 53 - - - 53 UDP
UdpMap 0 3 4
10.0.0.73 - - 2004-07-30 01:34:04 SERVER - 202.27.184.3 53 61765 - - 53 UDP
UdpMap 20000 3 2
10.0.0.73 - - 2004-07-30 01:34:04 SERVER - - - 61828 - - 0 UDP Bind 20001 3
2
10.0.0.73 - - 2004-07-30 01:34:17 SERVER - - - - - - 0 UDP Bind 0 3 5
10.0.0.73 - - 2004-07-30 01:34:17 SERVER - 202.27.184.3 53 - - - 53 UDP
UdpMap 0 3 5
10.0.0.73 - - 2004-07-30 01:34:41 SERVER - 202.27.184.3 53 61609 - - 53 UDP
UdpMap 20000 3 3
10.0.0.73 - - 2004-07-30 01:34:41 SERVER - - - 61609 - - 0 UDP Bind 20001 3
3
10.0.0.73 - - 2004-07-30 01:34:56 SERVER - 202.27.184.3 53 61734 - - 53 UDP
UdpMap 20000 3 4
10.0.0.73 - - 2004-07-30 01:34:56 SERVER - - - 61734 - - 0 UDP Bind 20001 3
4
10.0.0.73 - - 2004-07-30 01:35:17 SERVER - 202.27.184.3 53 60312 - - 53 UDP
UdpMap 20000 3 5
10.0.0.73 - - 2004-07-30 01:35:17 SERVER - - - 60312 - - 0 UDP Bind 20001 3
5
10.0.0.28 roger spoolsv.exe:3:5.1 2004-07-30 01:38:33 SERVER - 163.7.4.50
3000 342844 - - 3000 TCP Connect 20001 2 1
#Software: Microsoft(R) Internet Security and Acceleration Server 2000
#Version: 1.0
#Date: 2004-07-30 01:41:15
#Fields: c-ip cs-username c-agent date time s-computername r-host r-ip
r-port time-taken cs-bytes sc-bytes cs-protocol cs-transport s-operation
sc-status sessionid connectionid
10.0.0.73 - - 2004-07-30 01:41:15 SERVER - - - 47 - - 0 UDP Bind 0 2 1
10.0.0.73 - - 2004-07-30 01:41:15 SERVER - 202.27.184.3 53 - - - 53 UDP
UdpMap 0 2 1
10.0.0.73 - - 2004-07-30 01:42:15 SERVER - 202.27.184.3 53 61109 - - 53 UDP
UdpMap 20000 2 1
10.0.0.73 - - 2004-07-30 01:42:15 SERVER - - - 61187 - - 0 UDP Bind 20001 2
1
#Software: Microsoft(R) Internet Security and Acceleration Server 2000
#Version: 1.0
#Date: 2004-07-30 01:42:41
#Fields: c-ip cs-username c-agent date time s-computername r-host r-ip
r-port time-taken cs-bytes sc-bytes cs-protocol cs-transport s-operation
sc-status sessionid connectionid
10.0.0.28 roger spoolsv.exe:3:5.1 2004-07-30 01:42:41 SERVER - 163.7.4.50
3000 - - - 3000 TCP Connect 0 2 1
10.0.0.28 roger spoolsv.exe:3:5.1 2004-07-30 01:43:33 SERVER - 163.7.4.50
3000 51672 - - 3000 TCP Connect 20001 2 1

Thanks for any and all help.
Aart
accidentally posted in the 4.5 newsgroup, sorry

---

• Next message: Jimbo: "Re: Has *anyone* been able to get VPN working with Linksys BEFSR41 Router??"
• Previous message: Frank McCallister: "Re: Slow Shutdown"
• Next in thread: Mike Lieser [MSFT]: "RE: SBS & ISA"
• Reply: Mike Lieser [MSFT]: "RE: SBS & ISA"
• Messages sorted by: [ date ] [ thread ]

---

Relevant Pages ISA & JT print ... MicrosoftInternet Security and Acceleration Server 2000 ... UdpMap 0 75 162 ... (microsoft.public.backoffice.smallbiz) Re: ISA & JT print ... > protocol definition for this to allow client access out. ... MicrosoftInternet Security and Acceleration Server 2000 ... (microsoft.public.backoffice.smallbiz)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(18)