Re: Please help

  • From: "Radu Cruceana" <radu.cruceana@xxxxxxxxxxxx>
  • To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
  • Date: Sat, 15 Jun 2002 22:35:42 +0300

The same result is obtained also for DNS query packets or telnet in port
110. 

The problem is not ICMP related.

I have to publish those servers on the DMZ interface on ISA server.

When I analized the traffic with Network Monitor, I saw that the packets
are not routed from the external to DMZ interface.

It works after disabling/enabling of each interface but when I restart
the server or the Firewall service, it stop working again.

 

 

-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] 
Sent: Saturday, June 15, 2002 10:13 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Please help

 

http://www.ISAserver.org

ISA blocks inbound ICMP by default (ping floods are a really basic DoS
technique).

Besides, ICMP doesn't guarantee traffic flow for other protocols..

Create packet filters for DNS / SMTP traffic between the 62.231.68.<ip>
and the linux host.

 

Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/authors/harrison/
Read the books!

----- Original Message ----- 

From: Radu <mailto:radu.cruceana@xxxxxxxxxxxx>  Cruceana 

To: [ISAserver.org <mailto:isalist@xxxxxxxxxxxxx>  Discussion List] 

Sent: Saturday, June 15, 2002 9:47 AM

Subject: [isalist] Please help

 

http://www.ISAserver.org

Hi,

Please help a desperate man. I have the following configuration:


                              

Internet ->  62.231.68.x/24 --ISA--192.168.0.0/24 -> Internal LAN

                               |

                         212.93.159.61/30 (Isa Interface to DMZ)

                               |

                               |

                               |

                         212.93.159.62/30 (Linux mail Server on DMZ)

 

So, From Internet I have ping on Linux Server but I don?t have on ISA
interface to DMZ.

Routing is enabled and packet filters are specified with subnet for DMZ
so it should include 

the 212.93.159.61. 

If I disable the interface to Internet and the interface to dmz and
reenable

them everything it?s working ok. After that, if I restart the firewall
service or if I reboot the machine bye bye ping on 212.93.159.61 from
Internet.

 

Also if I stop the firewall service I have ping on 212.93.159.61.

 

This interface is crucial because I have to publish on it a dns server
and a mail server.

I?ve also try put specific packet filters for it but no result.

I don?t know what to do anymore (except to hang myself).

Thx a lot in advance.

 

 

                                                  

------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')


------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
radu.cruceana@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 06-2002