RE: ISA 2004 blocking XP local loopback

You might be correct regarding the network element.  I'm going to look
into that right now.  
 
ISA isn't sitting on the workstation.  Sorry for not being clear.  Our
workstations are configured as web proxy clients.  With the ISA 2004
server specified, users cannot connect to their individual loopback
address.  When they are configured for ISA 2000 or if the settings are
unchecked they can connect to 127.0.0.1.
_______________________________________________ 
Eric Poole, CISSP 
Senior Information Security Analyst 
Community Medical Centers <http://communitymedical.org/>  
1140 "T" Street, Fresno, California 93721 
559-459-6784 (phone) 559-459-2045 (fax) 


________________________________

From: Young, Gerald G [mailto:Gerald.Young@xxxxxxxxxx] 
Sent: Friday, January 13, 2006 10:30 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2004 blocking XP local loopback


http://www.ISAserver.org


Is ISA sitting on the XP workstation?  Since 127.0.0.1 only ever refers
to itself (every box has a 127.0.0.1 IP bound to its NIC), if ISA is on
a different box than the XP workstation, something else is occurring
that is local to the ISA box.

 

Check your network elements in ISA and see what network element
127.0.0.1 falls into.  My guess is that you don't have a rule allowing
the network element to talk to itself.

Cordially yours, 
Jerry G. Young II 
  MCSE (4.0/W2K) 
Atlanta EES Implementation Team Lead 
HHS Engineering 
Unisys 
  
11493 Sunset Hills Rd. 
Reston, VA 20190 
Office: 703-579-2727 
Cell: 703-625-1468 

THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you
received this in error, please contact the sender and delete the e-mail
and its attachments from all computers.

________________________________

From: Eric Poole [mailto:EPoole@xxxxxxxxxxxxxxxxxxxx] 
Sent: Friday, January 13, 2006 1:15 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] ISA 2004 blocking XP local loopback

 

http://www.ISAserver.org



Ok, I've been looking for the answer to this for about 45min.  Why would
ISA 2004 block a workstation from getting to 127.0.0.1?  Same
workstation going through ISA 2000 is able to access it's local
loopback.  Someone enlighten me please!

_______________________________________________ 
Eric Poole, CISSP 
Senior Information Security Analyst 
Community Medical Centers <http://communitymedical.org/>  
1140 "T" Street, Fresno, California 93721 
559-459-6784 (phone) 559-459-2045 (fax) 


-------------------------------------------------------
WARNING/CONFIDENTIAL: 
-------------------------------------------------------
This email, including attachments, may contain information that is
privileged, confidential, and/or exempt from disclosure under applicable
law (including, but not limited to, protected health information). It is
not intended for transmission to, or receipt by, any unauthorized
persons. If the reader of this message is not the intended recipient you
are hereby notified that any dissemination, distribution or copying of
this communication is strictly prohibited. If you believe this email was
sent to you in error, do not read it. Reply to the sender informing them
of the error and then destroy all copies and attachments of the message
from your system. Thank you.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
gerald.young@xxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
epoole@xxxxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
-------------------------------------------------------
WARNING/CONFIDENTIAL: 
-------------------------------------------------------
This email, including attachments, may contain information that is privileged, 
confidential, and/or exempt from disclosure under applicable law (including, 
but not limited to, protected health information).  It is not intended for 
transmission to, or receipt by, any unauthorized persons.  If the reader of 
this message is not the intended recipient you are hereby notified that any 
dissemination, distribution or copying of this communication is strictly 
prohibited.  If you believe this email was sent to you in error, do not read 
it.   Reply to the sender informing them of the error and then destroy all 
copies and attachments of the message from your system.   Thank you.

Other related posts: