Hi, Normally after a change, you need to wait 15 to 30 sec. before it takes effect. In v=fact it's the configuration of ISA (its own config. reader). No need to stop/restart services but if you do it, as services read the "ISA config. table", your chabges take effect at this moment. Bye T. -----Original Message----- From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] Sent: Tuesday, 1 October 2002 00:22 To: [ISAserver.org Discussion List] Subject: [isalist] Re: Packets blocked despite IP Filter... http://www.ISAserver.org Restarting services should get the changes. Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/pages/author_index.asp?aut=3 http://isatools.org Read the books! ----- Original Message ----- From: "Alfonso Lopez de Ayala" <alopezdeayala@xxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Monday, September 30, 2002 1:57 PM Subject: [isalist] Re: Packets blocked despite IP Filter... http://www.ISAserver.org Days. Btw, how fast is "not instantaneous" (minutes, hours, days)? Even if you restart ISA services the changes are ALSO not instantaneous? A.- -----Original Message----- From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] Sent: Monday, September 30, 2002 12:26 PM To: [ISAserver.org Discussion List] Subject: [isalist] Re: Packets blocked despite IP Filter... http://www.ISAserver.org How much time elapses between filter creation and testing? Changes to ISA are not instaneous... Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/pages/author_index.asp?aut=3 http://isatools.org Read the books! ----- Original Message ----- From: "Alfonso Lopez de Ayala" <alopezdeayala@xxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Monday, September 30, 2002 9:40 AM Subject: [isalist] Packets blocked despite IP Filter... http://www.ISAserver.org Can't figure out this one? Am I overlooking something way basic? To allow server (W32Time service) to synchronize time with external SNTP server (the famous tock.usno.navy.mil at 192.5.41.41) I have set up the following IP Packet Filter: ------------------------------ Filter Type: IP Protocol: UDP Direction: Send receive Local port: All ports Remote port: Fixed port Remote port number: 123 This computer: This ISA server's external IP address: wwww.xxx.yyy.zzz Remote computer: This remote computer: 192.5.41.41 ------------------------------ Then in the Firewall logs I see the packets to UDP port 123 blocked: Date: 2002-09-30 Time: 02:44:20 Source-ip: wwww.xxx.yyy.zzz Destination-ip: 192.5.41.41 Protocol: Udp Param#1: 50111 Param#2 123 Filter rule: BLOCKED Interface: wwww.xxx.yyy.zzz Why is it blocking them??? ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: alopezdeayala@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: thierry.terzano@xxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')