Hey, watch those hands :) I was wondering the same thing -- what use SOCKS? Even a lowly SecureNAT client can use FTP. Thanks! Tom www.isaserver.org/shinder Tom and Deb Shinder's Configuring ISA Server 2004 http://tinyurl.com/3xqb7 MVP -- ISA Firewalls -----Original Message----- From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] Sent: Thursday, February 17, 2005 8:56 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Socks4 through ISA?? http://www.ISAserver.org ..and you're complaining? I used the original ISA 2000 book to help me pass my ISA certification test, so I can guarantee that you're in good hands there (don't tell Deb, tho). First, "hiding" you IPs is irrelevant; don't waste your time with this. Your log is clear - ISA is denying this request: Connect 13301; 13301 == "go away boy; ya bother me" Add "Rule#1" and "Rule#2" to the Firewall log fields selection and retry the connections. The log will then tell you what rules "fired" for this request. That's the rule that doesn't like it. Again; if these rules require authentication, you can't use the SOCKS proxy - SOCKS 4 doesn't support authenticated requests. Jim -----Original Message----- From: Mark Beynon [mailto:mark.beynon@xxxxxxxxxxxx] Sent: Thursday, February 17, 2005 3:03 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Socks4 through ISA?? http://www.ISAserver.org Thanks guys, I have literally had to learn EVERYTHING I know about proxies in two days from Mr Shinder's books! The Firewall log is as follows for my Socks4 FTP attempts: #Fields:c-ip cs-username c-agent date time s-computername r-host r-ip r-port time-taken cs-bytes sc-bytes cs-protocol cs-transport s-operation sc-status sessionid connectionid 10.X.X.X - - 2005-02-16 09:22:29 MyProxy - 12.X.X.X 21 - - - 21 TCP Connect 13301 49 45 10.X.X.X - - 2005-02-16 11:02:51 MyProxy - 12.X.X.X 21 - - - 21 TCP Connect 13301 50 46 10.X.X.X - - 2005-02-16 11:06:19 MyProxy 12.X.X.X - - - - - - - GHBN 13301 51 0 10.X.X.X - - 2005-02-16 11:07:28 MyProxy - 12.X.X.X 21 - - - 21 TCP Connect 13301 52 47 10.X.X.X - - 2005-02-16 12:02:55 MyProxy - 12.X.X.X 21 - - - 21 TCP Connect 13301 53 48 10.X.X.X - - 2005-02-16 12:05:02 MyProxy - 12.X.X.X 21 - - - 21 TCP Connect 13301 54 49 10.X.X.X - - 2005-02-16 15:34:05 MyProxy - 12.X.X.X 21 - - - 21 TCP Connect 13301 59 54 I have blanked my PC ip to 10.X.X.X but this was one single IP address. I have blanked the Internet destination to 12.X.X.X but this was one single IP address. I have changed the s-computer name to MyProxy, but this did have the name of my proxy server. What do these logs tell me? all it seems to suggest to me is that the connections are essentially working, but yet no connections are attempted from the proxy to the remote host. Please advise if you can thanks ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx