Wisecracks aside, what I'm getting at is that it seems that ISA is still being governed by our PIX. Question still remains, how many use ISA behind another firewall? ISA can handle itself without being behind one, so why would it be needed, especially if you didn't have any control over that firewall? Eric Poole IS Security Analyst Community Medical Centers <http://communitymedical.org/> 1140 "T" Street, Fresno, California 93721 559-459-6784 (phone) 559-459-2045 (fax) -----Original Message----- From: Jim Harrison <jim@xxxxxxxxxxxx>@CHCC Sent: Friday, August 29, 2003 6:12 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Connection Issue http://www.ISAserver.org They finally opened a port for you. Hell, any port on a storm, right? Is it really all that important? Port, Starboard, who really knows? Maybe they can port their rules to your ISA. An evil portent, this is.. Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! On Thu, 28 Aug 2003 22:57:10 -0700 "John Tolmachoff \(Lists\)" <johnlist@xxxxxxxxxxxxxxxxxxx> wrote: http://www.ISAserver.org All I know is I am seeing Holes. John Tolmachoff MCSE CSSA Engineer/Consultant eServices For You www.eservicesforyou.com -----Original Message----- From: Eric Poole [mailto:EPoole@xxxxxxxxxxxxxxxxxxxx] Sent: Thursday, August 28, 2003 5:59 PM To: [ISAserver.org Discussion List] Subject: [isalist] Connection Issue http://www.ISAserver.org Here's the situation. I'm trying to trouble shoot a web connection issue. Supposedly, our ISA server has a hole in our PIX firewall. Yet, when I make a specific protocol rule (internal ip - any) it doesn't work. On the other hand, if our network team gives another workstation a hole, it works fine. If they both have a hole, why the difference??? Another example, workstation with hole was able to ping out, ISA could not. After a good half hour of our network team looking at the PIX acl, ISA was able to ping out again. I think I pretty much know the answer to my questions, but wanted to bounce it off a third party. Also, I don't mean to sound bitter. :-) Final question, how many of you have ISA behind another firewall? Thanks in advance. Eric Poole IS Security Analyst <http://communitymedical.org/> Community Medical Centers 1140 "T" Street, Fresno, California 93721 559-459-6784 (phone) 559-459-2045 (fax) ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: johnlist@xxxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: epoole@xxxxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')