Re: SBS and ISA 2004

• From: sbradcpa@xxxxxxxxxxx
• To: isalist@xxxxxxxxxxxxx
• Date: Mon, 6 Mar 2006 13:09:23 -0700

There are a couple of things that you have to tweak on an upgraded ISA
2004 that came from ISA 2000.

The issue you are seeing with SSL sites is the tcp/ip per connection issue
where the upgrade has picked up the number of 40 and it should be 160.

SBS specific resource is here:
http://isainsbs.blogspot.com/

http://isainsbs.blogspot.com/2006/01/what-we-do-after-installing-isa-2004.html


That a good starter.

The SBS Unleashed book has two excellent chapters on ISA specific to SBS
as well.

> This is a multi-part MIME message.
> 
> --=_reb-r4DFB39A3-t440C8574
> Content-Type: text/plain;
>       charset="us-ascii"
> Content-Transfer-Encoding: quoted-printable
> 
> Ok, I know SBS is "taboo", but I have a stupid general question.  I know
> as much about ISA as I do about Marine Biology (and the extent of that
> was from a Seinfeld episode).
> =20
> Just updated SBS to SP1, and ISA2004.  Uninstalled FWC and reinstalled
> new one on client.  Cannot access some websites I used to.  Checked
> logs, saw where it was being denied, added access rule for this specific
> IP address, yet is still being denied.
> 
> A) why is it denied in the first place, as the "SBS Internet Access
> Rule" or whatever it is called seems to allow everything.
> B) do I need to be more specific than just added the IP address?  I
> noticed it is trying to use port 443, do I need to add that to the
> access rule?  I would think it would be included anyway as I left it to
> all protocols.
> C) Can I allow an access rule by domain name?  e.g.
> www.beachedwhales.com (which is for sale by the way!!)
> C) Can you copy/paste/print a query from the monitoring log in ISA?  I
> could not, or I would have copied the info here.
> =20
> If I get an ISA 2004 (Toms) book, will it still answer all my SBS
> related questions or do I need a more specific book (dumbed down
> version?)...
> =20
> Thanks.  No hurry as all normal stuff is working....
> 
> 
> --=_reb-r4DFB39A3-t440C8574
> Content-Type: text/html;
>       charset="us-ascii"
> Content-Transfer-Encoding: quoted-printable
> 
> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
> <HTML><HEAD>
> 
> <STYLE></STYLE>
> 
> </HEAD>
> <BODY bgColor=3D"#ffffff">
> <DIV align=3D"left" dir=3D"ltr"><SPAN class=3D"002343318-06032006"><FONT si=
> ze=3D"2" color=3D"#800000" face=3D"Arial"><STRONG>Ok, I know SBS is "taboo"=
> , but I have a stupid=20
> general question.&nbsp; I know as much about ISA as I do about Marine Biolo=
> gy=20
> (and the extent of that was from a Seinfeld=20
> episode).</STRONG></FONT></SPAN></DIV>
> <DIV align=3D"left" dir=3D"ltr"><SPAN class=3D"002343318-06032006"><STRONG>=
> <FONT size=3D"2" color=3D"#800000" face=3D"Arial"></FONT></STRONG></SPAN>&n=
> bsp;</DIV>
> <DIV align=3D"left" dir=3D"ltr"><SPAN class=3D"002343318-06032006"><STRONG>=
> <FONT size=3D"2" color=3D"#800000" face=3D"Arial">Just updated SBS to SP1, =
> and ISA2004.&nbsp; Uninstalled FWC=20
> and reinstalled new one on client.&nbsp; Cannot access some websites I used=
> =20
> to.&nbsp; Checked logs, saw where it was being denied, added access rule fo=
> r=20
> this specific IP address, yet is still being=20
> denied.</FONT></STRONG></SPAN></DIV><SPAN class=3D"002343318-06032006">
> <DIV align=3D"left" dir=3D"ltr"><BR><FONT size=3D"2" color=3D"#800000" face=
> =3D"Arial"><STRONG>A) why=20
> is it denied in the first place, as the "SBS Internet Access Rule" or whate=
> ver=20
> it is called seems to allow everything.</STRONG></FONT></DIV>
> <DIV align=3D"left" dir=3D"ltr"></SPAN><SPAN class=3D"002343318-06032006"><=
> FONT size=3D"2" color=3D"#800000" face=3D"Arial"><STRONG>B) do I need to be=
>  more specific than just added=20
> the IP address?&nbsp; I noticed it is trying to use port 443, do I need to =
> add=20
> that to the access rule?&nbsp; I would think it would be included anyway as=
>  I=20
> left it to all protocols.</STRONG></FONT></SPAN></DIV>
> <DIV align=3D"left" dir=3D"ltr"><SPAN class=3D"002343318-06032006"><STRONG>=
> <FONT size=3D"2" color=3D"#800000" face=3D"Arial">C) Can I allow an access =
> rule by domain name?&nbsp; e.g. <A href=3D"http://www.beachedwhales.com";>ww=
> w.beachedwhales.com</A>&nbsp;(which is for=20
> sale by the way!!)</FONT></STRONG></SPAN></DIV>
> <DIV align=3D"left" dir=3D"ltr"><SPAN class=3D"002343318-06032006"><STRONG>=
> <FONT size=3D"2" color=3D"#800000" face=3D"Arial">C) Can you copy/paste/pri=
> nt a query from the monitoring log=20
> in ISA?&nbsp; I could not, or I would have copied the info=20
> here.</FONT></STRONG></SPAN></DIV>
> <DIV align=3D"left" dir=3D"ltr"><SPAN class=3D"002343318-06032006"><STRONG>=
> <FONT size=3D"2" color=3D"#800000" face=3D"Arial"></FONT></STRONG></SPAN>&n=
> bsp;</DIV>
> <DIV align=3D"left" dir=3D"ltr"><SPAN class=3D"002343318-06032006"><STRONG>=
> <FONT size=3D"2" color=3D"#800000" face=3D"Arial">If I get an ISA 2004 (Tom=
> s) book, will it still answer all=20
> my SBS related questions or do I need a more specific book (dumbed down=20
> version?)...</FONT></STRONG></SPAN></DIV>
> <DIV align=3D"left" dir=3D"ltr"><SPAN class=3D"002343318-06032006"><STRONG>=
> <FONT size=3D"2" color=3D"#800000" face=3D"Arial"></FONT></STRONG></SPAN>&n=
> bsp;</DIV>
> <DIV align=3D"left" dir=3D"ltr"><SPAN class=3D"002343318-06032006"><STRONG>=
> <FONT size=3D"2" color=3D"#800000" face=3D"Arial">Thanks.&nbsp; No hurry as=
>  all normal stuff is=20
> working....</FONT></STRONG></SPAN></DIV><BR></BODY></HTML>
> 
> --=_reb-r4DFB39A3-t440C8574--

Other related posts:

• » SBS and ISA 2004
• » RE: SBS and ISA 2004
• » RE: SBS and ISA 2004
• » RE: SBS and ISA 2004
• » RE: SBS and ISA 2004
• » Re: SBS and ISA 2004
• » RE: SBS and ISA 2004
• » RE: SBS and ISA 2004
• » RE: SBS and ISA 2004

1. Home
2. isalist
3. Archive
4. 03-2006

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---