Yep - he's a network-idiot. Higher-level encryption is irrelevant to transports & ports. The solution sorted by the "other" ISA customer sounds a lot more reasonable (and probably based on log analysis, to boot). ------------------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! ------------------------------------------------------- -----Original Message----- From: Neil Cassidy [mailto:ncassidy@xxxxxxxxxxxxx] Sent: Tuesday, January 03, 2006 11:42 To: [ISAserver.org Discussion List] Subject: [isalist] RE: OT - texas hold em http://www.ISAserver.org Here is a response I got after telling them it was ISA - does this sound legit? I think I know how to do it, just wanted to see what y'all said first....this is a paste from tech support: "I have been working with another ISA Server customer, who came up with a solution that seemed to work for him. Please try this and let me know how it works out for you. > I was able to get it to work by defining a new TCP protocol in the > ISA Server. Even though I had told it to allow all protocols > through, it evidently only allowed all protocols that it knew about > through. Isn't Microsoft annoying? Anyways, I defined a new > protocol (PokerStars) which used TCP port 26002 and secondary ports > (26002-26010) and that seemed to take care of it... My best guess is that the encryption we do to the packets makes ISA Server not treat them as a standard protocol packet, even though they are in a TCP wrapper. That's sheer speculation, of course, but the solution has recently worked for another ISA Server user... so let's give it a try!" -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: Tuesday, January 03, 2006 2:01 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: OT - texas hold em http://www.ISAserver.org Hi Neil, Good luck with your future career as poker champ. Hope to see you on TV :) They not really giving you very useful information. You need to know what protocols are required inbound and outbound. Tom Thomas W Shinder, M.D. Site: www.isaserver.org Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls **Who is John Galt?** > -----Original Message----- > From: Neil Cassidy [mailto:ncassidy@xxxxxxxxxxxxx] > Sent: Tuesday, January 03, 2006 12:48 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] OT - texas hold em > > http://www.ISAserver.org > > Ok, so I spent most of my winter break watching the World Series of > Poker on ESPN2, and consider myself the next big thing in the world of > poker, despite never playing with more than $5 at stake.... Anyway, I > play online from home on an online website, works no problem. At work > (winxp pro on > SBS2k3 w/ISA 2000) it does not work. Their technical support > suggested the following (without them knowing it was ISA). > Would any of this apply to ISA also? Sorry I am slightly less > proficient at ISA than I am at texas hold em. And if it does apply > how would I apply it? I will wear an "Isa Server.org" shirt or hat at > next years event.... Here is what they said: > > > If you're still having problems please check the settings for any > Firewall you may have there. Are you running any of these packages? > > Norton Internet Security / Norton Firewall / Norton AntiVirus > > McAfee Security Center / McAfee Firewall / McAfee AntiVirus ZoneAlarm > Kerio > > If you are, please allow full access to the net for both > PokerStars.exe or GUI and PokerStarsUpdate.exe. Also set the following > > IP addresses as trusted: > > 66.212.225.17 > > 66.212.225.22 > > 66.212.233.228 > > 66.212.233.226 > > 66.212.235.34 > > 66.212.235.35 > > 66.212.235.113 > > 66.212.235.114 > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: ncassidy@xxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned.