RE: Protocol question

  • From: "Andrew English" <andrew@xxxxxxxxxxxxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Thu, 7 Apr 2005 08:05:18 -0400

Hi John, 

To answer question about feeling guilty, no I don't feel guilty because
I have posted the same type of question here before and gotten the same
old flame response from Jim and Greg, so the plan was to try and avoid
their unintelligent remarks as much as I can but it seems that there was
no way to avoid it. 

As I explained John in one of my post I have a home business which
relies on ISA 2004 Server for my clients, and business security, the
issue was that my wife and I decided it was best for the time being to
cut our home DSL connection and use our business connection for the time
being. So using a linksys router or another method other than ISA 2004
Server is simply not an option.

Steve, I have been doing exactly that opening my machine wide open on
the net I would just like to hammer out a better solution if it's
possible, though it looks like I am going to have to figure it out on my
own and not tell any one here since they don't deserve to know the
truth. 

Regards,
Andrew



-----Original Message-----
From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] 
Sent: Thursday, April 07, 2005 4:04 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Protocol question

http://www.ISAserver.org

I don't bleeping believe it. Or maybe I should.

A confounded on-line game.

Andrew, do you feel a little bit guilty since you did not state until
many
posts later that it was an on-line game you were trying to get to work?

On-line games and firewalls are almost mutually exclusive.

If you insist on running on-line games, you will be a whole lot better
off
with a cheapy Linksys, or if it makes you feel good you can use a
Sonicwall
in standard mode. Of course then you would have to pony up for at least
5
static public IP addresses.

John T
eServices For You


> -----Original Message-----
> From: Andrew English [mailto:andrew@xxxxxxxxxxxxxxxxxxxxxx]
> Sent: Wednesday, April 06, 2005 6:39 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Protocol question
> 
> http://www.ISAserver.org
> 
> Steve,
> 
> World of Warcraft
> 
> Ports I was told:
> 
> 3724 TCP Inbound
> 6112 TCP Inbound
> 6881-6999 TCP Inbound
> 
> Initially the guys said Inbound/Outbound then changed his mind to
> Inbound. This doesn't make any sense to me since WoW needs to talk to
> them on the outbound to get things started.
> 
> As far as the exam I took the test one which was posted here a month
or
> so ago, the one which was interactive then asked you a bunch of
> questions at the end, then MS gave you a certificate. If you were
> referring to something else I apologize but for the confusion.
> 
> Andrew
> 
> 
> -----Original Message-----
> From: Steve Moffat [mailto:steve@xxxxxxxxxx]
> Sent: Wednesday, April 06, 2005 9:54 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Protocol question
> 
> http://www.ISAserver.org
> 
> Andrew,
> 
> What instructions were you given. What ports were you given? What's
the
> application you're trying to use?
> 
> Looks to me that you're getting confused.  Didn't you pass the ISA
> exam??
> 
> S
> 
> -----Original Message-----
> From: Andrew English [mailto:andrew@xxxxxxxxxxxxxxxxxxxxxx]
> Sent: Wednesday, April 06, 2005 9:43 PM
> To: ISA Mailing List
> Subject: [isalist] RE: Protocol question
> 
> http://www.ISAserver.org
> 
> Shawn,
> 
> Thanks for the info. However if I take the port information I received
> for this company and add it into a Linksys router setting for TCP the
> connection works. Of course your everyday mickey mouse routers don't
> bother customers with the inbound/outbound non-sense that you are
> putting me though.
> 
> I guess I could always go back my Linksys router if I needed to...
> 
> Andrew
> 
> 
> -----Original Message-----
> From: Quillman Shawn (RBNA/CSA1) *
[mailto:Shawn.Quillman@xxxxxxxxxxxx]
> Sent: Wednesday, April 06, 2005 5:36 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Protocol question
> 
> http://www.ISAserver.org
> 
> 
> And again, that completely depends on how the protocol that you are
> trying to define for ISA works.  You need to find out how exactly this
> protocol you're talking about works.
> 
> If you initiate an outbound connection with said protocol and said
> protocol tries to initiate an inbound protocol on a different port
then
> you use secondary connections (look at how active ftp works for
> example).  If an inbound connection is coming that was initiated from
an
> external host then you need to have an inbound access rule to allow it
> in, otherwise you ain't getting jack from that host.  Secondary
> protocols are only relevant from connections initiated from your
> internal network.  For anything initiated from an external host you
will
> need an inbound rule.
> 
> 
> -----
> Robert Bosch Corporation
> Technical Systems Analyst (RBNA/CSA1)
> Corporate Sales Reporting Systems
> 38000 Hills Tech Drive - Farmington Hills, MI 48331 - USA
> phone: 1 (248) 553-1164    fax: 1 (248) 848-6969
> shawn.quillman@xxxxxxxxxxxx
> http://www.bosch.us
> 
> -----Original Message-----
> From: Andrew English [mailto:andrew@xxxxxxxxxxxxxxxxxxxxxx]
> Sent: Wednesday, April 06, 2005 5:23 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Protocol question
> 
> http://www.ISAserver.org
> 
> Okay you open ISA 2004 Server, click on the task pane on the right
hand
> side, click on Protocol, click new and protocol, then give it a name,
> then assign the ports you need to open. In my case I was told TCP /
> Inbound but as I found out from testing it that it should be Outbound
> otherwise the computer on the LAN doesn't get out which it's suppose
do
> it.
> 
> If I need to add the Inbound can I a) add the inbound ports to the
> secondary connection or b) do I have to start over with creating a new
> protocol adding the Inbound ports to it?
> 
> Andrew
> 
> 
> 
> 
> -----Original Message-----
> From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
> Sent: Wednesday, April 06, 2005 4:00 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Protocol question
> 
> http://www.ISAserver.org
> 
> As usual, the question remains unanswered - exactly how does the
> protocol in question operate?
> Whether you use secondary protocols depends on whether or not more
than
> one protocol is used.
> The word "protocol" is a bit vague in your context.
> 
> -------------------------------------------------------
>    Jim Harrison
>    MCP(NT4, W2K), A+, Network+, PCG
>    http://isaserver.org/Jim_Harrison/
>    http://isatools.org
>    Read the help / books / articles!
> -------------------------------------------------------
> 
> 
> -----Original Message-----
> From: Andrew English [mailto:andrew@xxxxxxxxxxxxxxxxxxxxxx]
> Sent: Wednesday, April 06, 2005 11:25
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Protocol question
> 
> http://www.ISAserver.org
> 
> I have been told by the company who uses the IPs I need to setup to
use
> TCP/Inbound, however I when setup the protocol and monitor it nothing
> goes out until I change the Inbound to Outbound. So my question still
> stands do I need to create a new protocol or can I add the inbound to
> the secondary connections?
> 
> Andrew
> 
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com Leading
> Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
> Security Resource Site: http://www.windowsecurity.com/ Network
Security
> Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> shawn.quillman@xxxxxxxxxxxx
> To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com Leading
> Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
> Security Resource Site: http://www.windowsecurity.com/ Network
Security
> Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> andrew@xxxxxxxxxxxxxxxxxxxxxx
> To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com Leading
> Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
> Security Resource Site: http://www.windowsecurity.com/ Network
Security
> Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> isalist@xxxxxxxxxx To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> The haggis is unusual in that it is neither consistently nocturnal nor
> diurnal, but instead is active at dawn and dusk (crepuscular), with
> occasional forays forth during the day and night.
> 
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> andrew@xxxxxxxxxxxxxxxxxxxxxx
> To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> johnlist@xxxxxxxxxxxxxxxxxxx
> To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
andrew@xxxxxxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx


Other related posts: