Re: Using applications on server

  • From: "Jim Harrison" <jim@xxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Sun, 17 Mar 2002 07:11:05 -0800

The 192.168.2.102 address is being seen by the ISA external interface, so
you have one of two things happening here:
1. your ISP is using that address space between you and their actual
Internet access (possible)
2. someone is spoofing their source IP and is getting past your ISP routers
(also possible)
Either way, ISA is doing the right thing and telling them to bugger off.

As far as the UDP-137 for AIM, that's name resolution fun (one of my
favorite subjects).

Two scenarios come to mind here:
1. AIM on a FW client
2. AIM on the ISA itself
The common thread here is that the ISA server is likely to be the name
resolver in both cases
Lets say that AIM asks for a TCP-connection to 123.123.123.123.
By default, ISA will try to resolve that IP to a real name so that it can
compare it to any existing S&C rules (which are name-based).
Since ISA uses existing W2K DNS functionality, the ISA IP configuration on
each interface become critically important.
If DNS functionality fails to provide a name, then you'll get NB entries in
your log when W2K is forced to "dumb down" to WINS and NB name broadcasts.


Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/authors/harrison/
Read the books!
----- Original Message ----- 
From: "Mark Strangways" <strangconst@xxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Sunday, March 17, 2002 6:39 AM
Subject: [isalist] Re: Using applications on server


http://www.ISAserver.org


> I have no 192.168.x.x addresses  in my network. only 10.x.x.x...
> Not sure where it came from 192.168.xxx.xxx is meant for private address,
> correct ?
> 
> regards
> 
> ----- Original Message -----
> From: "Jim Harrison" <jim@xxxxxxxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Sunday, March 17, 2002 9:28 AM
> Subject: [isalist] Re: Using applications on server
> 
> 




Other related posts: