Hi John, To answer question about feeling guilty, no I don't feel guilty because I have posted the same type of question here before and gotten the same old flame response from Jim and Greg, so the plan was to try and avoid their unintelligent remarks as much as I can but it seems that there was no way to avoid it. As I explained John in one of my post I have a home business which relies on ISA 2004 Server for my clients, and business security, the issue was that my wife and I decided it was best for the time being to cut our home DSL connection and use our business connection for the time being. So using a linksys router or another method other than ISA 2004 Server is simply not an option. Steve, I have been doing exactly that opening my machine wide open on the net I would just like to hammer out a better solution if it's possible, though it looks like I am going to have to figure it out on my own and not tell any one here since they don't deserve to know the truth. Regards, Andrew -----Original Message----- From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] Sent: Thursday, April 07, 2005 4:04 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Protocol question http://www.ISAserver.org I don't bleeping believe it. Or maybe I should. A confounded on-line game. Andrew, do you feel a little bit guilty since you did not state until many posts later that it was an on-line game you were trying to get to work? On-line games and firewalls are almost mutually exclusive. If you insist on running on-line games, you will be a whole lot better off with a cheapy Linksys, or if it makes you feel good you can use a Sonicwall in standard mode. Of course then you would have to pony up for at least 5 static public IP addresses. John T eServices For You > -----Original Message----- > From: Andrew English [mailto:andrew@xxxxxxxxxxxxxxxxxxxxxx] > Sent: Wednesday, April 06, 2005 6:39 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: Protocol question > > http://www.ISAserver.org > > Steve, > > World of Warcraft > > Ports I was told: > > 3724 TCP Inbound > 6112 TCP Inbound > 6881-6999 TCP Inbound > > Initially the guys said Inbound/Outbound then changed his mind to > Inbound. This doesn't make any sense to me since WoW needs to talk to > them on the outbound to get things started. > > As far as the exam I took the test one which was posted here a month or > so ago, the one which was interactive then asked you a bunch of > questions at the end, then MS gave you a certificate. If you were > referring to something else I apologize but for the confusion. > > Andrew > > > -----Original Message----- > From: Steve Moffat [mailto:steve@xxxxxxxxxx] > Sent: Wednesday, April 06, 2005 9:54 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: Protocol question > > http://www.ISAserver.org > > Andrew, > > What instructions were you given. What ports were you given? What's the > application you're trying to use? > > Looks to me that you're getting confused. Didn't you pass the ISA > exam?? > > S > > -----Original Message----- > From: Andrew English [mailto:andrew@xxxxxxxxxxxxxxxxxxxxxx] > Sent: Wednesday, April 06, 2005 9:43 PM > To: ISA Mailing List > Subject: [isalist] RE: Protocol question > > http://www.ISAserver.org > > Shawn, > > Thanks for the info. However if I take the port information I received > for this company and add it into a Linksys router setting for TCP the > connection works. Of course your everyday mickey mouse routers don't > bother customers with the inbound/outbound non-sense that you are > putting me though. > > I guess I could always go back my Linksys router if I needed to... > > Andrew > > > -----Original Message----- > From: Quillman Shawn (RBNA/CSA1) * [mailto:Shawn.Quillman@xxxxxxxxxxxx] > Sent: Wednesday, April 06, 2005 5:36 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: Protocol question > > http://www.ISAserver.org > > > And again, that completely depends on how the protocol that you are > trying to define for ISA works. You need to find out how exactly this > protocol you're talking about works. > > If you initiate an outbound connection with said protocol and said > protocol tries to initiate an inbound protocol on a different port then > you use secondary connections (look at how active ftp works for > example). If an inbound connection is coming that was initiated from an > external host then you need to have an inbound access rule to allow it > in, otherwise you ain't getting jack from that host. Secondary > protocols are only relevant from connections initiated from your > internal network. For anything initiated from an external host you will > need an inbound rule. > > > ----- > Robert Bosch Corporation > Technical Systems Analyst (RBNA/CSA1) > Corporate Sales Reporting Systems > 38000 Hills Tech Drive - Farmington Hills, MI 48331 - USA > phone: 1 (248) 553-1164 fax: 1 (248) 848-6969 > shawn.quillman@xxxxxxxxxxxx > http://www.bosch.us > > -----Original Message----- > From: Andrew English [mailto:andrew@xxxxxxxxxxxxxxxxxxxxxx] > Sent: Wednesday, April 06, 2005 5:23 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: Protocol question > > http://www.ISAserver.org > > Okay you open ISA 2004 Server, click on the task pane on the right hand > side, click on Protocol, click new and protocol, then give it a name, > then assign the ports you need to open. In my case I was told TCP / > Inbound but as I found out from testing it that it should be Outbound > otherwise the computer on the LAN doesn't get out which it's suppose do > it. > > If I need to add the Inbound can I a) add the inbound ports to the > secondary connection or b) do I have to start over with creating a new > protocol adding the Inbound ports to it? > > Andrew > > > > > -----Original Message----- > From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] > Sent: Wednesday, April 06, 2005 4:00 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: Protocol question > > http://www.ISAserver.org > > As usual, the question remains unanswered - exactly how does the > protocol in question operate? > Whether you use secondary protocols depends on whether or not more than > one protocol is used. > The word "protocol" is a bit vague in your context. > > ------------------------------------------------------- > Jim Harrison > MCP(NT4, W2K), A+, Network+, PCG > http://isaserver.org/Jim_Harrison/ > http://isatools.org > Read the help / books / articles! > ------------------------------------------------------- > > > -----Original Message----- > From: Andrew English [mailto:andrew@xxxxxxxxxxxxxxxxxxxxxx] > Sent: Wednesday, April 06, 2005 11:25 > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: Protocol question > > http://www.ISAserver.org > > I have been told by the company who uses the IPs I need to setup to use > TCP/Inbound, however I when setup the protocol and monitor it nothing > goes out until I change the Inbound to Outbound. So my question still > stands do I need to create a new protocol or can I add the inbound to > the secondary connections? > > Andrew > > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > World of Windows Networking: http://www.windowsnetworking.com Leading > Network Software Directory: http://www.serverfiles.com > No.1 Exchange Server Resource Site: http://www.msexchange.org Windows > Security Resource Site: http://www.windowsecurity.com/ Network Security > Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: > http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > shawn.quillman@xxxxxxxxxxxx > To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > World of Windows Networking: http://www.windowsnetworking.com Leading > Network Software Directory: http://www.serverfiles.com > No.1 Exchange Server Resource Site: http://www.msexchange.org Windows > Security Resource Site: http://www.windowsecurity.com/ Network Security > Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: > http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > andrew@xxxxxxxxxxxxxxxxxxxxxx > To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > World of Windows Networking: http://www.windowsnetworking.com Leading > Network Software Directory: http://www.serverfiles.com > No.1 Exchange Server Resource Site: http://www.msexchange.org Windows > Security Resource Site: http://www.windowsecurity.com/ Network Security > Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: > http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > isalist@xxxxxxxxxx To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > The haggis is unusual in that it is neither consistently nocturnal nor > diurnal, but instead is active at dawn and dusk (crepuscular), with > occasional forays forth during the day and night. > > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > World of Windows Networking: http://www.windowsnetworking.com > Leading Network Software Directory: http://www.serverfiles.com > No.1 Exchange Server Resource Site: http://www.msexchange.org > Windows Security Resource Site: http://www.windowsecurity.com/ > Network Security Library: http://www.secinf.net/ > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > andrew@xxxxxxxxxxxxxxxxxxxxxx > To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > World of Windows Networking: http://www.windowsnetworking.com > Leading Network Software Directory: http://www.serverfiles.com > No.1 Exchange Server Resource Site: http://www.msexchange.org > Windows Security Resource Site: http://www.windowsecurity.com/ > Network Security Library: http://www.secinf.net/ > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > johnlist@xxxxxxxxxxxxxxxxxxx > To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: andrew@xxxxxxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx