Re: Bypass ISA?
From: Bill Peng [MSFT] (v-bpeng_at_online.microsoft.com)
Date: 03/04/05
- Next message: Mark: "Max RAM for SBS2003 Professional"
- Previous message: Bill Peng [MSFT]: "Re: XP-SBS Site-to-site VPN?"
- Maybe in reply to: Edward Lee: "Bypass ISA?"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 04 Mar 2005 01:57:18 GMT
Thanks, Phillip, for your detail answer.
Edward, please go ahead to test the suggestions described on the KB. If you
need further assistance, please feel free to post back.
Bill Peng
MCSE 2000, MCDBA
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
>From: "Phillip Windell" <@.>
>References: <##1Bsc3HFHA.3628@TK2MSFTNGP15.phx.gbl>
<qMfJRv8HFHA.1428@TK2MSFTNGXA02.phx.gbl>
<u8f1yQBIFHA.608@TK2MSFTNGP10.phx.gbl>
<eNtVIfBIFHA.3628@TK2MSFTNGP15.phx.gbl>
<uUNl56DIFHA.2648@TK2MSFTNGP14.phx.gbl>
>Subject: Re: Bypass ISA?
>Date: Thu, 3 Mar 2005 16:56:22 -0600
>Lines: 175
>X-Priority: 3
>X-MSMail-Priority: Normal
>X-Newsreader: Microsoft Outlook Express 6.00.2800.1437
>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1441
>Message-ID: <enFv5QEIFHA.1580@TK2MSFTNGP10.phx.gbl>
>Newsgroups: microsoft.public.windows.server.sbs
>NNTP-Posting-Host: wandtv-host14.decatur.hansoninfosys.com 209.16.209.142
>Path:
TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP1
0.phx.gbl
>Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.windows.server.sbs:151286
>X-Tomcat-NG: microsoft.public.windows.server.sbs
>
>Proxys and firewalls do the same thing,...there is just some differences in
>the internal way they perform it,...but in the end,..they effectively do
the
>same job.
>
>"Firewall" is just a "slang" and "generic" term that too many Marketing
>Departments have glommed onto. Technically, you have two competing
>technologies,...you have "proxying" and you have "Network Address
>Translation". NAT is essentially a Layer3&4 function while "proxying"
>happens throughout the entire OSI Model and beyond, it has a much wider
>scope. Most "firewalls" are just NAT Devices with packet filtering added
>on. The so-called Cable/DSL Routers are also just NAT Devices as well, and
>it would be more accurate to call them "lightweight-firewalls" then it
would
>be to call them "routers",...they are not routers,..but the Marketing
>Departments of the world have butchered the dictionary and there is
probably
>no going back by now,...we are just stuck with no one knowing what anyone
>means by what they say anymore.
>
>ISA is *both*. It is primarily a proxy, but because it also "takes over"
>RRAS, it also has a SecureNAT service as well. So it integrates aspects of
>both "proxying" and "NAT" into a single, very complex product.
>
>--
>
>Phillip Windell [MCP, MVP, CCNA]
>www.wandtv.com
>
>
>"Edward Lee" <elee@ulgm.org> wrote in message
>news:uUNl56DIFHA.2648@TK2MSFTNGP14.phx.gbl...
>> Thanks Phillip. Your analogy makes sense to me when I think about the
>> Firewall aspect of ISA Server. I'm not sure I understand how it applies
to
>> the Proxy Server side of things though.
>>
>> Anyway, rather than thinking about this from the client side of things,
is
>> there an easy way for me to temporarily stop ISA from acting as a proxy
>> server, and just have it do its firewall duties?
>>
>> Thanks,
>> Ed Lee
>>
>> "Phillip Windell" <@.> wrote in message
>> news:eNtVIfBIFHA.3628@TK2MSFTNGP15.phx.gbl...
>> > Bill has you going in the right direction.
>> >
>> > You cannot "bypass" ISA. You can rig up the Client to simply not use
>ISA
>> > but that isn't the same thing as bypassing the ISA.
>> >
>> > Picture a room with one door and you are in it. If you choose to not
>use
>> > the door then you are trapped in the room. If you want out of the room
>> > and
>> > require "bypassing" the door, then you need to jump out the
>> > window,...which
>> > represents and alternate physical path out of the room. So to bypass
ISA
>> > means that you choose an alternate physical path out of the
>Network,...if
>> > no
>> > alternet path exists then you either use the ISA or you don't use the
>ISA
>> > and just sit there.
>> >
>> > --
>> >
>> > Phillip Windell [MCP, MVP, CCNA]
>> > www.wandtv.com
>> >
>> >
>> > "Edward Lee" <elee@ulgm.org> wrote in message
>> > news:u8f1yQBIFHA.608@TK2MSFTNGP10.phx.gbl...
>> >> Thanks Bill. I'm not sure it's a ports issue though. The application
>runs
>> >> fine for 30 or 40 minutes. It's after I have been using it for a while
>> > that
>> >> it stops responding. This is what leads me to suspect the issue falls
>> >> more
>> >> on the proxy server side of things, rather than the firewall side of
>> > things.
>> >>
>> >> Of course, I'm as far from an expert on these things, so I'm probably
>way
>> >> off base.
>> >>
>> >> Ed Lee
>> >>
>> >>
>> >> "Bill Peng [MSFT]" <v-bpeng@online.microsoft.com> wrote in message
>> >> news:qMfJRv8HFHA.1428@TK2MSFTNGXA02.phx.gbl...
>> >> > Hi Edward,
>> >> >
>> >> > Thank you for posting here.
>> >> >
>> >> > This problem seems to be the same with post "Ports for remote
>> >> > working?".
>> >> > You may refer to the following KB:
>> >> >
>> >> > How to Allow Third-Party Internet Application Connections Through
ISA
>> >> > Server 2000
>> >> > http://support.microsoft.com/?id=295667
>> >> >
>> >> > There're 4 methods mentioned in the KB, you can use whatever you
>want.
>> >> >
>> >> > If you have any update, please feel free to post back.
>> >> >
>> >> > Bill Peng
>> >> > MCSE 2000, MCDBA
>> >> > Microsoft CSS Online Newsgroup Support
>> >> >
>> >> > Get Secure! - www.microsoft.com/security
>> >> > =====================================================
>> >> > When responding to posts, please "Reply to Group" via your
newsreader
>> >> > so
>> >> > that others may learn and benefit from your issue.
>> >> > =====================================================
>> >> > This posting is provided "AS IS" with no warranties, and confers no
>> >> > rights.
>> >> >
>> >> > --------------------
>> >> >>From: "Edward Lee" <elee@ulgm.org>
>> >> >>Subject: Bypass ISA?
>> >> >>Date: Wed, 2 Mar 2005 16:29:08 -0600
>> >> >>Lines: 18
>> >> >>X-Priority: 3
>> >> >>X-MSMail-Priority: Normal
>> >> >>X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
>> >> >>X-RFC2646: Format=Flowed; Original
>> >> >>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
>> >> >>Message-ID: <##1Bsc3HFHA.3628@TK2MSFTNGP15.phx.gbl>
>> >> >>Newsgroups: microsoft.public.windows.server.sbs
>> >> >>NNTP-Posting-Host: h69-128-105-106.69-128.unk.tds.net 69.128.105.106
>> >> >>Path:
>> >> >
>> >
>TK2MSFTNGXA02.phx.gbl!cpmsftngxa10.phx.gbl!TK2MSFTFEED02.phx.gbl!TK2MSFTNGP
0
>> >> > 8.phx.gbl!TK2MSFTNGP15.phx.gbl
>> >> >>Xref: TK2MSFTNGXA02.phx.gbl
>microsoft.public.windows.server.sbs:150913
>> >> >>X-Tomcat-NG: microsoft.public.windows.server.sbs
>> >> >>
>> >> >>Is there a simple way to configure one of my clients to bypass ISA
as
>> >> >>my
>> >> >>proxy server?
>> >> >>
>> >> >>We have a web-based database service that we subscribe to. I have a
>> >> >>recurring problem whereby after working in the system for a while,
it
>> >> > stops
>> >> >>responding. The problem happens on multiple computers on my SBS2k3
>> >> > network,
>> >> >>but never when I am working from home.
>> >> >>
>> >> >>So, my first thoughts go to some sort of confilct between ISA and
>this
>> >> >>web-based database application. I figured if there was an easy way
>that
>> > I
>> >> >>could take the ISA proxy server out the picture next time this
starts
>> >> > acting
>> >> >>up, I could rule it in or out as a cause.
>> >> >>
>> >> >>Thanks for any advice,
>> >> >>Ed Lee
>> >> >>
>> >> >>
>> >> >>
>> >> >>
>> >> >
>> >>
>> >>
>> >
>> >
>>
>>
>
>
>
- Next message: Mark: "Max RAM for SBS2003 Professional"
- Previous message: Bill Peng [MSFT]: "Re: XP-SBS Site-to-site VPN?"
- Maybe in reply to: Edward Lee: "Bypass ISA?"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
