RE: [isalist] Re: Block porn sites from ISA.....SecureNAT clients are limited to simple protocols; no secondary connections allowed. Off-subnet traffic is a different issue; you'll have to enter a manual route for ISA to talk to those clients. If you're using RRAS on the ISA, enter them there, otherwise, use a "route -p add" command to add them. Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/authors/harrison/ Read the books! ----- Original Message ----- From: Bob Cheeseman To: [ISAserver.org Discussion List] Sent: Friday, August 02, 2002 5:02 AM Subject: [isalist] Re: MSN game zone not working for internal clients http://www.ISAserver.org Jim, What I have found is that a client on the same internal subnet (192.168.1.x) as the server with the firewall client installed can use games, but a secure NAT client on the same internal subnet (192.168.1.x) cannot. Also, a secure NAT client on a different subnet (192.168.3.x) even with the firewall client cannot connect. I have many DHCP and static assigned clients on various subnets and use static routes to give then access. Everything seems to work except MSN Game Zone. Could it be that I need to bind an address from each subnet to the internal card and add it to the local address table? Any thoughts? Thanx, Bob -----Original Message----- From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] Sent: Wednesday, July 31, 2002 11:49 PM To: [ISAserver.org Discussion List] Subject: [isalist] Re: MSN game zone not working for internal clients http://www.ISAserver.org If you choose one of the first three as the primary port for a new protocol definition, you can then add a range of ports in the secondary connections. Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/authors/harrison/ Read the books! ----- Original Message ----- From: Bob Cheeseman To: [ISAserver.org Discussion List] Sent: Wednesday, July 31, 2002 8:19 PM Subject: [isalist] MSN game zone not working for internal clients http://www.ISAserver.org Hi, Subject says it all. Login to MSN Game zone tries forever and connection to server responds with "unspecified error" Knowledge base says open ports 80,443,6667, and 28800-29100. I haven't figured out how to open a range of ports however. Any pointers appreciated. Thanx, Bob Cheeseman ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: bob@xxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')