Re: Publish web server & TZO on ISA2K4...Revisited...

  • From: Marvin Cummings <MarvinC@xxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Thu, 28 Oct 2004 13:48:43 -0400

This I believe to be true which is why I always kept it installed on
the web server. Attempting to install this app on the ISA server did
bring to light the fact that the ports for the TZO client aren't
opened or responding and that maybe the process I used to create these
filters were incorrect. So what I need is some confirmation on the
process for creating these filters. It obvious that the process
differes from ISA 2000 so here is what I did and you or someone advise
me if I'm wrong:

Click Toolbox in Firewall Policy section
Click "New" "Protocol" from the menu. 
Enter name for protocol
Click New, select TCP, inbond, Port range: 21330 - 21332
Click OK and click "Next
Click No for secondary connection and click Next
Click Finish
Repeat for an "outbound" protocol. 

Click Network Objects
Right-click Computer and select New computer
Type a name - NS.TZO.com and enter an IP - 216.235.248.67
Click OK and repeat for all TZO servers. 

Create a TZO Access Rule with the following: 
General: Enable
action: Allow
Protocols: TZO - Inbound & TZO Outbound
From: TZO computers
To: Localhost
Users: all
Schedule: always
Apply Policy

I should now have access to my web sites? No? 


On Thu, 28 Oct 2004 12:23:24 -0500, Thomas W Shinder
<tshinder@xxxxxxxxxxx> wrote:
> http://www.ISAserver.org
> 
> Hi Marvin,
> 
> TZO works fine with the 2004 ISA firewall. My OWA server runs behind our
> second Internet link (the DSL link with a PPPoE DSL router in front of
> the ISA firewall) and the domain is registered with TZO. TZO client is
> installed on the OWA server, but I'm sure it would work just as well
> running on the firewall -- which I wouldn't do, since it's a client app
> *and* wasn't designed to run on the ISA firewall.
> 
> HTH,
> 
> Tom
> www.isaserver.org/shinder
> Tom and Deb Shinder's Configuring ISA Server 2004
> http://tinyurl.com/3xqb7
> MVP -- ISA Firewalls
> 
> 
> 
> 
> -----Original Message-----
> From: Marvin Cummings [mailto:MarvinC@xxxxxxxxx]
> Sent: Thursday, October 28, 2004 12:12 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Re: Publish web server & TZO on ISA2K4...Revisited...
> 
> http://www.ISAserver.org
> 
> Running a PortScan on the ISA server shows the following ports opened:
> 7
> 9
> 13
> 17
> 19
> 53
> 135
> 139
> 445
> 1025
> 3389
> 8080
> 
> Is it necessary to manually open these ports?
> 
> On Thu, 28 Oct 2004 12:37:08 -0400, Marvin Cummings <marvinc@xxxxxxxxx>
> wrote:
> > http://www.ISAserver.org
> >
> >
> >
> > Logging shows: Denied Connection for the TZO - Outbound protocol. ISA
> > 2000 is starting to look pretty good.
> >
> > On Thu, 28 Oct 2004 12:11:11 -0400, Marvin Cummings
> <marvinc@xxxxxxxxx> wrote:
> > > http://www.ISAserver.org
> > >
> > >
> > >
> > > At last post I mentioned that I was attempting to install the TZO
> > > client software on the ISa server. I mentioned that TZO is hanging
> at
> > > the "Checking name and key" page on the ISA server. My thinking is
> > > because the ports I defined in my User Defined Protocols section
> > > aren't opened. These would be ports 21330, 21331, & 21332. Typing
> > > netstat -a or -an on the ISA server doesn't show either of these
> ports
> > > to be opened.
> > > My question is what can I do on the ISA server to ensure that the
> > > ports are opened?
> > >
> > > thnks
> > >
> > > ------------------------------------------------------
> > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > ------------------------------------------------------
> > > Other Internet Software Marketing Sites:
> > > World of Windows Networking: http://www.windowsnetworking.com
> > > Leading Network Software Directory: http://www.serverfiles.com
> > > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > > Windows Security Resource Site: http://www.windowsecurity.com/
> > > Network Security Library: http://www.secinf.net/
> > > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org Discussion List
> as: marvinc@xxxxxxxxx
> > > To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > Report abuse to listadmin@xxxxxxxxxxxxx
> > >
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Other Internet Software Marketing Sites:
> > World of Windows Networking: http://www.windowsnetworking.com
> > Leading Network Software Directory: http://www.serverfiles.com
> > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > Windows Security Resource Site: http://www.windowsecurity.com/
> > Network Security Library: http://www.secinf.net/
> > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List as:
> marvinc@xxxxxxxxx
> > To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> tshinder@xxxxxxxxxxxxxxxxxx
> 
> 
> To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as: 
> marvinc@xxxxxxxxx
> To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>


Other related posts: