Re: SBS 2003 SP 1 on MSDN disks

From: "Steve Foster [SBS MVP]" <steve.foster@xxxxxxxxxxxxx>
Date: Sun, 14 Aug 2005 07:20:29 -0700

Hollis D. Paul wrote:

In article <#3n4fNZlFHA.320@xxxxxxxxxxxxxxxxxxxx>, CPA aka Ebitz - SBS
Rocks [MVP] Susan Bradley wrote:

The cows are coming home.

Do it.

One of the things you have told me to do is to set my DSL modem to be
the PPPoE client, which I believe it operate as, even if Earthlink does
not know it, and stop using the Windows Server 2003 PPPoE client to
connect.  So, in order to do this, I have to telnet into the device, at
192.168.1.1, give it the password, go to Menu 4 and feed it my
Earthlink UserId and password.  It should then connect to the service
on its own.

Now, I have started the Telnet service on my client computer
workstation, and have set the firewall to allow Telnet services to be
used.  I have started the Telnet service on the SBS2003 server.

You can go and turn them back off again, and remove the firewall exception. What you did allows those machines to accept incoming telnet connections, and has nothing to do with them being a telnet client.

I have
added the Telnet protocol and the telnet server protocol to a protocol
rule, and created a new IP packet filter for the telnet service--ie,
TCP service both ways on port 23.  I have restarted the ISA service
control twice.


ISA2000 on SBS normally has the Telnet protocol predefined.

A Packet Filter would only allow the server itself to be able to communicate.

Also, the correct definition for a Telnet Client Packet Filter would be:

TCP, Outbound, Local All Ports, Remote Fixed port 23.

You could restrict the Remote Computer to just the 192.168.1.1 address if you wanted to be really stringent.

The way to allow a client PC access would be to create a Protocol Rule that allowed the Telnet protocol. Note that if either the Rule was applied to selected users, or ISA is configured to always ask for authentication (under ISA Server Properties, on the Outgoing Web Requests tab), then you'd need the Firewall Client installed on the clients for them to be able to use Telnet.

You really ought to apply SP1 and get ISA2004 installed. It's much easier to administer than ISA2000 (the Packet Filter/Protocol Rule distinction disappears - it's all Access Rules).

I can't connect to 192.168.1.1 from either my client computer
workstation, or from the SBS2003 console, run as domain administrator.
What more do I need to do?

The DSL modem is the ZyXel Prestige 645M.  Anybody know the secret?
The cows don't get in the barn till I can use Telnet to open the door.

Here is a curious statement in the User Guide, under section 1.2
Features of the Prestige 645M

PPPoE - The P645M supports the PPP over Ethernet standard.  Activating
PPPoE automatically the DHCP server.  So much for using the PPPoE
client on a SBS network.  Well, not so fast.  It appears that I can set
it back to none, even after telling it to use PPPoE.  Makes one feel a
little nervous, enabling the hand and then chopping it off.

The assumption is that if the DSL modem is doing PPPoE, it's also the primary gateway device, and there's probably nothing else in the way of network infrastructure (ie no DHCP Server anywhere). Since you know better, no problem with turning it off - not that it matters if the DSL LAN is isolated in front of your 2 nic SBS2003 server.

--
Steve Foster [SBS MVP]
---------------------------------------
MVPs do not work for Microsoft. Please reply only to the newsgroups.
.

Follow-Ups:
- Re: SBS 2003 SP 1 on MSDN disks
  - From: Hollis D. Paul

References:
- SBS 2003 SP 1 on MSDN disks
  - From: Hollis D. Paul
- Re: SBS 2003 SP 1 on MSDN disks
  - From: Ginny Caughey [MVP]
- Re: SBS 2003 SP 1 on MSDN disks
  - From: Hollis D. Paul
- Re: SBS 2003 SP 1 on MSDN disks
  - From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
- Re: SBS 2003 SP 1 on MSDN disks
  - From: Hollis D. Paul

Prev by Date: Re: New SBS 2003 and SP1
Next by Date: Re: Multiple Domains on an SBS server
Previous by thread: Re: SBS 2003 SP 1 on MSDN disks
Next by thread: Re: SBS 2003 SP 1 on MSDN disks
Index(es):
- Date
- Thread

Relevant Pages

Re: Kerberos V5 Authentication for a Telnet Session
... Neither Microsoft's Telnet Server nor their Telnet client support ... Kerberos authentication. ...
(comp.protocols.kerberos)
Re: Kerberos V5 Authentication for a Telnet Session
... I think neither Windows telnet client nor Windows telnet server support ... Kerberos authentication - with the built-ins, ...
(microsoft.public.windows.server.security)
Re: network programming in c
... >> I thought that kind of server used telnet. ... > communicate with their client with CRLF-delimited ASCII-strings. ... protocols (or ASCII, for that matter, though since eg DNS uses ASCII ... Telnet itself doesn't use plain-text commands. ...
(comp.programming)
Re: Exchange 2003/IMAP Username-PW Problem
... event viewer on the server or the client. ... client to migrate files to Exchange. ... I have the same problem connecting via telnet on ...
(microsoft.public.exchange.connectivity)
Re: What doesnt lend itself to OO?
... >> proxy and instructs the server to constuct the real object. ... rather than client code. ... If 'clock' is instantiated in the server, ... > for the server interface at the OOA level. ...
(comp.object)