Re: MSN game zone not working for internal clients

  • From: "Bob Cheeseman" <bob@xxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Fri, 2 Aug 2002 12:38:40 -0400

I discovered quite by
trial and error that SecureNAT could not connect to the game server
whilst the Firewall client could, regardless of the changes and protocol
rules I made. I then went to the client's location and added the firewall
client thinking the problem would be solved. No luck. :(  The problem
seems to lie in the subnetting and routing.

I manage a WLAN covering about 1000 sq. miles all connected wirelessly.
Each POP is a different subnet i.e.: 192.168.2.x, 192.168.3.x, etc.
Static routes on the ISA server allow all the subnets to get an IP
address thru DHCP and gain access to the Internet. The only thing not
working is Games servers on subnets greater than 192.168.1.x. The ISA
internal card is bound to 192.168.1.254.

Typical scenario,

customer is behind Dlink Broadband router and has address 192.168.0.100
Dlink LAN side has 192.168.0.1 and WLAN side has address 192.168.3.1
gateway 192.168.3.10
radio connects to POP which has internal of 192.168.3.10 and external of
192.168.1.10 and a static route to 192.168.1.254

Not sure if this helps explain the problem or not.

Thanx,

Bob



  -----Original Message-----
  From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
  Sent: Friday, August 02, 2002 10:51 AM
  To: [ISAserver.org Discussion List]
  Subject: [isalist] Re: MSN game zone not working for internal clients


  http://www.ISAserver.org


  SecureNAT clients are limited to simple protocols; no secondary
connections allowed.
  Off-subnet traffic is a different issue; you'll have to enter a manual
route for ISA to talk to those clients.
  If you're using RRAS on the ISA, enter them there, otherwise, use a
"route -p add" command to add them.

  Jim Harrison
  MCP(NT4, W2K), A+, Network+, PCG
  http://isaserver.org/authors/harrison/
  Read the books!

    ----- Original Message -----
    From: Bob Cheeseman
    To: [ISAserver.org Discussion List]
    Sent: Friday, August 02, 2002 5:02 AM
    Subject: [isalist] Re: MSN game zone not working for internal
clients


    Jim,

    What I have found is that a client on the same internal subnet
(192.168.1.x) as the server with the firewall client installed can use
games, but a secure NAT client on the same internal subnet (192.168.1.x)
cannot. Also, a secure NAT client on a different subnet (192.168.3.x)
even with the firewall client cannot connect.

    I have many DHCP and static assigned clients on various subnets and
use static routes to give them access. Everything seems to work except
MSN Game Zone.
    Could it be that I need to bind an address from each subnet to the
internal card and add it to the local address table?
    Any thoughts?


    Thanx,

    Bob
      -----Original Message-----
      From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
      Sent: Wednesday, July 31, 2002 11:49 PM
      To: [ISAserver.org Discussion List]
      Subject: [isalist] Re: MSN game zone not working for internal
clients


      If you choose one of the first three as the primary port for a new
protocol definition, you can then add a range of ports in the secondary
connections.

      Jim Harrison
      MCP(NT4, W2K), A+, Network+, PCG
      http://isaserver.org/authors/harrison/
      Read the books!

        ----- Original Message -----
        From: Bob Cheeseman
        To: [ISAserver.org Discussion List]
        Sent: Wednesday, July 31, 2002 8:19 PM
        Subject: [isalist] MSN game zone not working for internal
clients


        Hi,

        Subject says it all. Login to MSN Game zone tries forever and
connection to server responds with "unspecified error"

        Knowledge base says open ports 80,443,6667, and 28800-29100. I
haven't figured out how to open a range of ports however.

        Any pointers appreciated.

        Thanx,

        Bob Cheeseman
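
The two conditions raised in the thread for off-subnet clients (a manual route on the ISA server for each remote subnet, and Bob's question about the local address table) can be checked mechanically. The script below is an added example, not part of the original posts: the addresses 192.168.1.254 and 192.168.1.10 come from the thread, while the /24 masks, the sample route list and LAT contents, and the function names are constructed assumptions.

```python
import ipaddress as ip

# ISA internal NIC address is from the thread; the /24 mask is an assumption.
ISA_INTERNAL = ip.ip_interface("192.168.1.254/24")

def route_cmd(net, gateway):
    """Persistent Windows route for one remote subnet via its POP router."""
    n = ip.ip_network(net)
    return f"route -p add {n.network_address} mask {n.netmask} {gateway}"

def audit(client_nets, routes, lat):
    """Map each client subnet to the list of problems found for it.
    routes: (destination, next hop) static routes on the ISA server.
    lat: networks listed in the Local Address Table (modelled as CIDR)."""
    routes = [(ip.ip_network(d), ip.ip_address(g)) for d, g in routes]
    lat = [ip.ip_network(entry) for entry in lat]
    report = {}
    for net in map(ip.ip_network, client_nets):
        problems = []
        # Subnets on the ISA internal segment need no static route.
        if not net.subnet_of(ISA_INTERNAL.network):
            matches = [(d, g) for d, g in routes if net.subnet_of(d)]
            if not matches:
                problems.append("no return route")
            else:
                # Longest-prefix match decides which next hop is used.
                _, gw = max(matches, key=lambda r: r[0].prefixlen)
                if gw not in ISA_INTERNAL.network:
                    problems.append("next hop not on internal segment")
        if not any(net.subnet_of(entry) for entry in lat):
            problems.append("not in LAT")
        report[str(net)] = problems
    return report

# Constructed sample state: only the 192.168.3.x route exists, LAT has one range.
CLIENT_NETS = ["192.168.1.0/24", "192.168.2.0/24", "192.168.3.0/24"]
ROUTES = [("192.168.3.0/24", "192.168.1.10")]
LAT = ["192.168.1.0/24"]

if __name__ == "__main__":
    for subnet, problems in audit(CLIENT_NETS, ROUTES, LAT).items():
        print(subnet, problems or "ok")
    print(route_cmd("192.168.3.0/24", "192.168.1.10"))
```
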
