Re: Packets blocked despite IP Filter...

  • From: "Jim Harrison" <jim@xxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Mon, 30 Sep 2002 12:26:01 -0700

How much time elapses between filter creation and testing?
Changes to ISA are not instaneous...

 Jim Harrison
 MCP(NT4, W2K), A+, Network+, PCG
 http://isaserver.org/pages/author_index.asp?aut=3
 http://isatools.org
 Read the books!

----- Original Message -----
From: "Alfonso Lopez de Ayala" <alopezdeayala@xxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Monday, September 30, 2002 9:40 AM
Subject: [isalist] Packets blocked despite IP Filter...


http://www.ISAserver.org


Can't figure out this one?  Am I overlooking something way basic?

To allow server (W32Time service) to synchronize time with external SNTP
server (the famous tock.usno.navy.mil at 192.5.41.41) I have set up the
following IP Packet Filter:

------------------------------
Filter Type:
     IP Protocol: UDP
     Direction: Send receive
     Local port: All ports
     Remote port: Fixed port
     Remote port number: 123

This computer:
     This ISA server's external IP address: wwww.xxx.yyy.zzz


Remote computer:
     This remote computer: 192.5.41.41
------------------------------

Then in the Firewall logs I see the packets to UDP port 123 blocked:

Date:           2002-09-30
Time:           02:44:20
Source-ip:      wwww.xxx.yyy.zzz
Destination-ip: 192.5.41.41
Protocol:       Udp
Param#1:        50111
Param#2         123
Filter rule:    BLOCKED
Interface:      wwww.xxx.yyy.zzz

Why is it blocking them???


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 09-2002