RE: ISA 2000 - Open Remote Port

---

• From: v-edtian@xxxxxxxxxxxxxxxxxxxx (Edward Tian)
• Date: Wed, 24 Aug 2005 09:48:33 GMT

---

Dear Adam:
Thank you for posting here.

>From your description, I understand that you want to access an outside
website from the internal client through ISA2000, and port 19638 is used
for communication. If I have misunderstood, please feel free to let me know.

Before we go any further, please help to confirm the following information:

1. Is this website a SSL site (like https://www.abc.com, not
http://www.abc.com )? If so, there is a known issue when we view a SSL
website on the internet by using a port other than 443. Please refer to
this article and follow the steps to resolve this issue:
Blank page or page cannot be displayed when you view SSL sites through ISA
Server
http://support.microsoft.com/?id=283284

2. Do you configure all the internal clients as both the Web Proxy client
and Firewall client?
To be a Web Proxy client, please open IE, click Tools->Internet Options,
and click Connections->LAN Settings, configure ISA server as your Proxy
server (you can enter either the computer name or the internal IP of the
ISA server, port 8080 by default.)

To be a Firewall client, the workstation needs to have the ISA Firewall
Client software installed.

3. Have you run CEICW Wizard? The wizard can help us configure the
networking settings for a SBS server. It automatically creates the ISA
rules for internet access. I recommend you re-run this Wizard.
Open Server Management console, navigate to 'To Do List' and click 'Connect
to the internet' in the right panel. You can refer to following KB article
for detailed information:

825763 How to configure Internet access in Windows Small Business Server
2003
http://support.microsoft.com/?id=825763

4. Does this problem occur on all the internal clients?

Please also help me gather more information for analysis:
1. Help to gather the ISA Logs:

1) Open ISA Management, and then point to Monitoring Configuration | Logs

2) Double click ISA Server Firewall Service in the right pane, click to
select Enable Logging for this service, click Fields tab, click Select All,
and then click OK.

3) Please repeat Step 2) to enable logging IP Packet Filter and Web Proxy
Services.

4) Run command "net stop isactrl" (without the quotation marks) to stop all
ISA Services.

5) Backup all files in the folder C:\Program Files\Microsoft ISA
Server\ISALogs, and then delete them.

6) In ISA Management | <server name> | Monitoring | Services, start all ISA
services.

7) Reproduce the issue.

8) Wait for about 3 minutes, and then send me that day's firewall, web
proxy and IP Packet filter log in C:\Program Files\Microsoft ISA
Server\ISALogs. You can compress logs into .zip file. If compressed file
size is larger than 5 M, please let me know so that I can create a site for
you to upload the file:

Firewall log: FWSEXTDyyyymmdd.log
Web Proxy log: WEBEXTDyyyymmdd.log
IP Packet Filter log: IPPEXTDyyyymmdd.log

Please also let me know the IP address of the client/server.

To collect ISA logs, refer to:

302372 HOW TO: Configure Logging in Internet Security and Acceleration
Server
http://support.microsoft.com/?id=302372

2. Help to gather the ISAinfo:
You can download this utility from:
http://www.isatools.org/isainfo.vbe
Run it on the ISA server. Then attach the ISAINFO report to me at your
convenience.

You can send ISAinfo and ISA logs directly to my mailbox:
v-edtian@xxxxxxxxxxxxx

Thanks for your time and cooperation. Please feel free to let me know if
you have any questions or concerns.

Have a nice day! :)

Best Regards
Edward Tian(MSFT)
Microsoft CSS Online Newsgroup Support

Get Secure! - www.microsoft.com/security
======================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.

Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.

For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

Any input or comments in this thread are highly appreciated.
======================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
| From: "Adam Hudson" <abmhudson@xxxxxxxxxxx>
| Subject: ISA 2000 - Open Remote Port
| Date: Tue, 23 Aug 2005 14:17:48 +1000
| Lines: 15
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.2670
| X-RFC2646: Format=Flowed; Original
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
| Message-ID: <eOJcfm5pFHA.2416@xxxxxxxxxxxxxxxxxxxx>
| Newsgroups: microsoft.public.windows.server.sbs
| NNTP-Posting-Host: adsl-32-17.swiftdsl.com.au 218.214.32.17
| Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP14.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:146878
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| Hi
|
| I am trying to get port 19638 to work through ISA 2000. I have SBS 2003.
I
| need this to access an admin part of a website. It works fine on a
computer
| connected directly to the internet but not if that computer is then
connect
| to the server and needs to pass through ISA on the server to access the
net.
|
| I am sure you need to put in some rule to allow access in and out on this
| port but I cannot work out how to do this.
|
| Thanks in advance.
|
| Adam
|
|
|

.

---

• Follow-Ups:
  • RE: ISA 2000 - Open Remote Port
    • From: Adam Hudson

• References:
  • ISA 2000 - Open Remote Port
    • From: Adam Hudson

• Prev by Date: RE: wireless connectivity problem
• Next by Date: RE: IPSEC VPN connection from client in SBS 2003 premium
• Previous by thread: ISA 2000 - Open Remote Port
• Next by thread: RE: ISA 2000 - Open Remote Port
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: RWW - Cant login ... error when you click Protocols tap of access rule in ISA. ... For client can not access Internet ... Ensure your SBS 2003 server have right network configuration. ... (microsoft.public.windows.server.sbs) Re: RWW Disconnecting ... I have been connected from a remote site for about 3 ... DHCP server and even a wireless access ... the key codes to for Internet access. ... Client Workstations} ... (microsoft.public.windows.server.sbs) Re: RWW - Cant login ... The ISA Server denied the specified Uniform ... I understand that one client can not access ... Internet, you can not log on RWW for a not administrator account, you get ... (microsoft.public.windows.server.sbs) RE: RWW not accessible over web ... Can the client access Internet web sites when you ... Extract all files to a folder on ISA server. ... 'Microsoft Firewall' service. ... (microsoft.public.windows.server.sbs) Re: RWW Disconnecting ... Server to test the issue. ... I understand that remote client encounts following error message when RWW ... I strongly suggest that we rerun the Configure E-mail and Internet ... (microsoft.public.windows.server.sbs)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Windows  > microsoft.public.windows.server.sbs  > 2005-08