Re: Packets blocked despite IP Filter...

  • From: "Terzano, Thierry" <Thierry.Terzano@xxxxxxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Tue, 1 Oct 2002 12:26:17 +0200

Hi,

Normally after a change, you need to wait 15 to 30 sec. before it takes effect. 
In v=fact it's the configuration of ISA (its own config. reader). No need to 
stop/restart services but if you do it, as services read the "ISA config. 
table", your chabges take effect at this moment.

Bye
T.

-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
Sent: Tuesday, 1 October 2002 00:22
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Packets blocked despite IP Filter...


http://www.ISAserver.org


Restarting services should get the changes.

 Jim Harrison
 MCP(NT4, W2K), A+, Network+, PCG
 http://isaserver.org/pages/author_index.asp?aut=3
 http://isatools.org
 Read the books!

----- Original Message -----
From: "Alfonso Lopez de Ayala" <alopezdeayala@xxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Monday, September 30, 2002 1:57 PM
Subject: [isalist] Re: Packets blocked despite IP Filter...


http://www.ISAserver.org


Days.  Btw, how fast is "not instantaneous" (minutes, hours, days)?
Even if you restart ISA services the changes are ALSO not instantaneous?

A.-

-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
Sent: Monday, September 30, 2002 12:26 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Packets blocked despite IP Filter...

http://www.ISAserver.org


How much time elapses between filter creation and testing?
Changes to ISA are not instaneous...

 Jim Harrison
 MCP(NT4, W2K), A+, Network+, PCG
 http://isaserver.org/pages/author_index.asp?aut=3
 http://isatools.org
 Read the books!

----- Original Message -----
From: "Alfonso Lopez de Ayala" <alopezdeayala@xxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Monday, September 30, 2002 9:40 AM
Subject: [isalist] Packets blocked despite IP Filter...


http://www.ISAserver.org


Can't figure out this one?  Am I overlooking something way basic?

To allow server (W32Time service) to synchronize time with external SNTP
server (the famous tock.usno.navy.mil at 192.5.41.41) I have set up the
following IP Packet Filter:

------------------------------
Filter Type:
     IP Protocol: UDP
     Direction: Send receive
     Local port: All ports
     Remote port: Fixed port
     Remote port number: 123

This computer:
     This ISA server's external IP address: wwww.xxx.yyy.zzz


Remote computer:
     This remote computer: 192.5.41.41
------------------------------

Then in the Firewall logs I see the packets to UDP port 123 blocked:

Date:           2002-09-30
Time:           02:44:20
Source-ip:      wwww.xxx.yyy.zzz
Destination-ip: 192.5.41.41
Protocol:       Udp
Param#1:        50111
Param#2         123
Filter rule:    BLOCKED
Interface:      wwww.xxx.yyy.zzz

Why is it blocking them???


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
alopezdeayala@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
thierry.terzano@xxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 10-2002