Re: Losing my rag with ISA and CA ETrust
From: Tim \(Newsgroups\) (tim_hames_at_hotmail.com)
Date: 10/22/04
- Next message: Stefan Kellermann: "Re: POP Mail with wrong time"
- Previous message: Graham: "RE: Shared printer problems"
- In reply to: Andrew H: "Re: Losing my rag with ISA and CA ETrust"
- Next in thread: Steve Foster [SBS MVP]: "Re: Losing my rag with ISA and CA ETrust"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 22 Oct 2004 21:47:01 +1000
Thanks Andrew. That's already in place. I did that after the last time we
spoke.
It's just stopped working for no apparent reason.
I've raised two email support calls with CA who tell me it's an ISA
configuration problem.
So why is ISA blocking outgoing FTP over port 21??
Any ideas greatly appreciated.
Are there other logs which could help?
Kind Regards
Tim
"Andrew H" <ajhpms@hotmail.com> wrote in message
news:ev0QlFCuEHA.2184@TK2MSFTNGP12.phx.gbl...
> Hi Tim
>
> Apart from the custom filters, I needed to set the logon for the eTrust
> AntiVirus Job Service to the domain administrator. (It has been
> suggested that it would be more secure to create a user account just for
> eTrust - as long as that user is a member of the Internet Users security
> group in order for ISA to allow it access).
>
> Regards
>
> Andrew
>
>
> "Tim (Newsgroups)" <tim_hames@hotmail.com> wrote in message
> news:OJvZ4FAuEHA.4040@TK2MSFTNGP09.phx.gbl...
>> Hi Steve - thanks for helping me troubleshoot this one. I'm still
>> learning ISA.
>>
>> OK I tried swapping the Custom Filter's over. Here is the extract from
>> IPEXTD20041022.log:
>>
>> (213.35.101.4 is ftpav.ca.com)
>>
>> 2004-10-22 06:27:48 192.168.1.2 213.35.101.4 Tcp 53557 21 BLOCKED
>> 192.168.1.2
>> 2004-10-22 06:27:54 192.168.1.2 213.35.101.4 Tcp 53557 21 BLOCKED
>> 192.168.1.2
>> 2004-10-22 06:28:00 192.168.1.2 213.35.101.4 Tcp 53559 21 BLOCKED
>> 192.168.1.2
>> 2004-10-22 06:28:06 192.168.1.2 213.35.101.4 Tcp 53559 21 BLOCKED
>> 192.168.1.2
>> 2004-10-22 06:28:09 192.168.1.2 213.35.101.4 Tcp 53560 21 BLOCKED
>> 192.168.1.2
>> 2004-10-22 06:28:15 192.168.1.2 213.35.101.4 Tcp 53560 21 BLOCKED
>> 192.168.1.2
>> 2004-10-22 06:28:22 192.168.1.2 213.35.101.4 Tcp 53561 21 BLOCKED
>> 192.168.1.2
>> 2004-10-22 06:28:28 192.168.1.2 213.35.101.4 Tcp 53561 21 BLOCKED
>> 192.168.1.2
>> 2004-10-22 06:28:31 192.168.1.2 213.35.101.4 Tcp 53562 21 BLOCKED
>> 192.168.1.2
>> 2004-10-22 06:28:38 192.168.1.2 213.35.101.4 Tcp 53562 21 BLOCKED
>> 192.168.1.2
>> 2004-10-22 06:28:53 192.168.1.2 213.35.101.4 Tcp 53570 21 BLOCKED
>> 192.168.1.2
>> 2004-10-22 06:28:58 192.168.1.2 213.35.101.4 Tcp 53570 21 BLOCKED
>> 192.168.1.2
>> 2004-10-22 06:29:20 192.168.1.2 213.35.101.4 Tcp 53574 21 BLOCKED
>> 192.168.1.2
>> 2004-10-22 06:29:26 192.168.1.2 213.35.101.4 Tcp 53574 21 BLOCKED
>> 192.168.1.2
>> 2004-10-22 06:29:41 192.168.1.2 213.35.101.4 Tcp 53575 21 BLOCKED
>> 192.168.1.2
>> 2004-10-22 06:29:48 192.168.1.2 213.35.101.4 Tcp 53575 21 BLOCKED
>> 192.168.1.2
>>
>> I don't get it.
>>
>> Kind Regards
>>
>> Tim
>>
>>
>> "Steve Foster [SBS MVP]" <steve.foster@picamar.co.uk> wrote in message
>> news:xn0dot0yq74cn7v000@msnews.microsoft.com...
>>> Tim wrote:
>>>
>>>> I cannot download signature updates for my clients using ETrust
>>>> anymore.
>>>>
>>>
>>> Doesn't eTrust offer a HTTP download option?
>>>
>>> The correct settings for FTP download on the server would be:
>>>
>>> Enable PFs "SBS FTP 21 Out CustomFilter" and "SBS FTP 20 In
>>> CustomFilter".
>>>
>>> 21 Out is required to make the control connection, 20 In is required
>>> for the subsequent data connection.
>>>
>>> --
>>> Steve Foster [SBS MVP]
>>> ---------------------------------------
>>> MVPs do not work for Microsoft. Please reply only to the newsgroups.
>>
>>
>
>
- Next message: Stefan Kellermann: "Re: POP Mail with wrong time"
- Previous message: Graham: "RE: Shared printer problems"
- In reply to: Andrew H: "Re: Losing my rag with ISA and CA ETrust"
- Next in thread: Steve Foster [SBS MVP]: "Re: Losing my rag with ISA and CA ETrust"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
