Re: ISA Help Needed

Tech-Archive recommends: Fix windows errors by optimizing your registry

From: Adam Selene (as_at_freeluna.org)
Date: 10/10/04 

Date: Sun, 10 Oct 2004 16:07:15 -0700

Hi Marina,

I find I've mis-led you (unintentionally to be sure).

I do NOT have a router on my new server. It's on the Peer-
To-Peer side of the LAN. My mistake. The router is doing
an acceptable job of blocking ports for the Peer-To-Peer
network that will be converted to this new server when I
think it's ready.

My ISP is furnishing 5 static IP's; the router-protected
P2P LAN is on one; the pilot-project SBS is on another;
the other three are unused.

I am running SBS 2k3 Premium, hence the ISA (from the
Premium Technologies CD).

I did build a certificate for the IP address of the server.
(There's no domain mapped there.)

I logged the CEICW and RAW output but I'm not sure what to
look for in there.

Thanks,

Adam

>-----Original Message-----
>Sorry, hit Send to soon ;-)
>
>Smallbizserver.Net > Network > SBS 2003 Standard with
UPnP router:
>http://www.smallbizserver.net/Default.aspx?tabid=165
>
>Rerun it again. Then check your routerconfig and only
forward the ports you
>want for OWA (443) and RWW (4125) and POP3 (110).
>
>--
>Regards,
>
>Marina
>Microsoft SBS-MVP
>
>"Adam Selene" <as@freeluna.org> schreef in bericht
>news:175801c4af18$9ef68b10$a501280a@phx.gbl...
>> Hi Marina,
>>
>> I DO have 2 NICs.
>>
>> Yes to the Firewall.
>>
>> I don't know where to look for "Web Services". What
you're
>> saying rings a bell but I can't recall where the
question
>> is. I don't want to offer ANY web services to the
outside
>> world.
>>
>> I have a Linksys BEFSR41 on the WAN-side NIC. It blocks
>> the NETBIOS ports plus 445 and 113. I'd hoped to do
>> without it after getting ISA configured properly.
>>
>> Thanks for your patience,
>>
>> Adam
>>
>> >-----Original Message-----
>> >Hi Adam,
>> >
>> >Do you have 2 nics? Did you run CEICW and enabled the
>> Firewall? Did you in
>> >Web Services made sure you didn't check 'access to
entire
>> web site from the
>> >internet' or 'business web site'? Do you have a router
>> connected to your
>> >second nic?
>> >
>> >--
>> >Regards,
>> >
>> >Marina
>> >Microsoft SBS-MVP
>> >
>> >"Adam Selene" <as@freeluna.org> schreef in bericht
>> >news:335c01c4af14$40fe2260$a401280a@phx.gbl...
>> >> Thanks to all who replied. I've done as Susan
suggested
>> >> and I can now do what I need.
>> >>
>> >> However, I went to Steve Gibson's site and he tells
me
>> >> that Ports 25 and 80 are open.
>> >>
>> >> Since I'm not hosting mail acquired/sent via SMTP,
I'd
>> >> like this one closed. Same for Port 80: since I
have no
>> >> web server to make available to the outside world,
the
>> >> only inbound Port 80 traffic I'd like is that which
is
>> >> responsive to a previous outbound message. I.E., I'd
>> like
>> >> to close Port 80 to unsolicited traffic.
>> >>
>> >> I will be using OWA and I will be using RWW but
that's
>> the
>> >> only inbound stuff I'll be doing apart from POP3
mail.
>> >>
>> >> I'd appreciate some guidance here.
>> >>
>> >> Thanks,
>> >>
>> >> Adam
>> >>
>> >>
>> >>
>> >>
>> >> >-----Original Message-----
>> >> >Hi
>> >> >
>> >> >I have two non-domain computers connecting thru ISA
as
>> >> Susan suggests and it
>> >> >works fine.
>> >> >
>> >> >--
>> >> >Frank McCallister SBS MVP
>> >> >COMPUMAC
>> >> >"Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]"
>> >> <sbradcpa@pacbell.net>
>> >> >wrote in message
>> >> news:eX2mgVurEHA.2008@TK2MSFTNGP12.phx.gbl...
>> >> >> If I do all/all/all and don't ask for
>> authentication...
>> >> I "think" they all
>> >> >> go through even my laptop that isn't on the domain
>> but
>> >> just hooked in and
>> >> >> getting an IP.
>> >> >>
>> >> >>
>> >> >>
>> >> >> Marina Roos [SBS-MVP] wrote:
>> >> >>> Hi Adam,
>> >> >>>
>> >> >>> You can install the Firewall client by browsing
to
>> >> \\servername\mspclnt
>> >> >>> and
>> >> >>> run setup.exe.
>> >> >>>
>> >> >>> For workstations that are not on your domain you
>> will
>> >> just have to point
>> >> >>> the
>> >> >>> LAN settings in IE to your servername and port
8080.
>> >> It will ask for
>> >> >>> credentials though. You might consider putting
those
>> >> guest clients
>> >> >>> straight
>> >> >>> into the router.
>> >> >>>
>> >> >>
>> >> >> --
>> >> >> http://www.sbslinks.com/really.htm
>> >> >> http://www.msmvps.com/bradley
>> >> >> https://www.ecora.com/ecora/jump/pm99.asp
>> >> >
>> >> >
>> >> >.
>> >> >
>> >
>> >
>> >.
>> >
>
>
>.
>

Relevant Pages

  • Re: loss of SOME connectivity
    ... I "think" it is DNS. ... Yes, I can ping the router, AND the ISP DNS. ... I cannot connect the inet cable directly to the server because the inet is ... MS firewall not started. ...
    (microsoft.public.windows.server.sbs)
  • Re: IP Addressing
    ... Address of the ISA server? ... firewall and router). ... On the firewall create a static NAT entry as I wrote ...
    (comp.dcom.sys.cisco)
  • Re: Still cant connect to RWW or OWA remotely
    ... Re-running the CEICW, disabling the firewall, then re-running CEICW again, ... "Cannot find server or DNS Error". ... the DSL router 4-port switch. ... of the two NICs by clicking the Advanced tabs, ...
    (microsoft.public.windows.server.sbs)
  • Re: VPN suggestions requested
    ... > connecting to the Internet through a cheap basic broadband router. ... necessarily mean you have to pop in a firewall, ... also mean only to secure the W2K server. ...
    (comp.security.firewalls)
  • ~~~~~~~~~~~~~~ IP ADDRESS ~~~~~~~~~~~~~~
    ... block my ip address vista windows ... change public ip address linksys router ... setting up a network ip address ... warcraft server ip address ...
    (sci.misc)