I would really appreciate some help in determining the source of my problem with isa server thanks

  • From: "dick kessler" <dk@xxxxxxxxxxxxxxxxxxx>
  • To: <isalist@xxxxxxxxxxxxx>
  • Date: Fri, 10 May 2002 10:14:28 -0700

I have a small lan (1 win98 client with a win2k server sp2 running exchange 
server, isa server sp1). This network is attached via wireless ethernet to a dsl 
router. The plan is to make the win2k server a low volume public machine 
(email, web pages, ftp); public ports (25, etc.) are mapped to the win2k server. 
In an attempt to secure the win98 client from the win2k server, I installed isa 
sp1. ISA was installed as a stand alone integrated server, with the lat table 
showing all the internal addresses including the internally pointing server 
nic. Allow rules for site and content as well as protocol permitted any 
request. Protocol filters were added to the defaults to include snmp, pop3,smtp 
and telnet. All filters were enabled. Packet filtering is enabled. There are no 
policy elements for this array. Isa logs are configured for maximum logging.

The immediate problem was managing the wireless device with snmp (port 161 and 
162). SNMP management software for this device was not able to connect to the 
device without stopping the ISA server control service; stopping web proxy, 
firewall service, routing remote access has no effect. Pinging the private ips 
in the lan works, telnetting to the router does not (despite making a protocol 
rule allowing this). SMTP outbound traffic has worked. Web browsing works with 
and without isa server control running. Pinging outside the private lan does 
not work. Stopping the ISA server control service permits me to ping outside 
the private lan and telnet to the router.

The Isa logs, when the isa server control service is running, show dns 
requests/responses allowed, some pinging permitted, but everything else 
blocked. The event logs (application and system) show nothing unusual.

I removed isa and reinstalled it. Tried everything above with same results, 
then installed isa sp1 again making no difference. Except the client win98 can 
no longer retrieve pop3 mail even with isa server control stopped although 
sending mail works.

It is obvious that starting and stopping the isa server control service blocks 
and allows port traffic. I have no clue what within ISA is causing the problem. 
Can anyone suggest something?
Many thanks
dick kessler

From the isaserver.org website
Packet filtering should always be enabled when the ISA Server is at the edge 
of the network. When the ISA Server has an interface with the Internet, you can 
make sure that no ports are open inadvertently by enabling packet filtering. By 
default, the only traffic that will be allowed when packet filtering is enabled 
are some ICMP filters required for basic network management, and the DNS filter 
which allows the ISA Server to make DNS queries on the behalf of ISA Server 
clients on the internal network.

All the above is happening, it is as if I don't have packet filtering enabled 
or allow rule set up, anyone with an idea?


