[isalist] Re: EnablePMTUDiscovery now enabled - Access policy required as well?

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
• To: <isalist@xxxxxxxxxxxxx>
• Date: Wed, 23 Aug 2006 12:24:53 -0500

Hi Danny,
 
Yes, since system policy only allows for ICMP Info Request, Timestamp
and Ping.
 
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/> 
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> 
MVP -- ISA Firewalls

 


________________________________

        From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Danny
        Sent: Wednesday, August 23, 2006 12:02 PM
        To: isalist@xxxxxxxxxxxxx
        Subject: [isalist] EnablePMTUDiscovery now enabled - Access
policy required as well?
        
        
        After enabling EnablePMTUDiscovery per MSKB 905179, do you need
to create a new policy per MSKB 902347 to see the potential performance
improvements?
        
        Referencing:
        http://support.microsoft.com/default.aspx?scid=kb;en-us;905179
        http://support.microsoft.com/kb/902347/en-us
        
        
        
        Policy:
        

        ISA Server 2004, Standard Edition 

1.       Click Start, point to Programs, point to Microsoft ISA Server ,
and then click ISA Server Management.   
2.       In the left pane, expand ArrayName, and then click Firewall
Policy. 
3.       In the task pane, click the Toolbox tab, and then click
Protocols.      
4.       Under Protocols, click New, and then click Protocol.   
5.       In the Protocol definition name box, type ICMP MTU Discovery,
and then click Next.    
6.       Click New, and then click ICMP in the Protocol type list.      
7.       In the Direction list, click Send Receive.     
8.       Type 4 in the ICMP Code box, type 3 in the ICMP Type box, and
then click OK.  
9.       Click Next, click Finish, and then click Apply.        
10.      In the left pane, right-click Firewall Policy, click New, and
then click Access Rule. 
11.      In the Access rule name box, type Allow ICMP MTU Discovery, and
then click Next.        
12.      Click Allow, and then click Next.      
13.      In the This rules applies to list, click Selected protocols,
and then click Add.     
14.      In the Protocols list, expand User-Defined.    
15.      Click ICMP MTU Discovery, click Add, click Close , and then
click Next.     
16.      Click Add.     
17.      In the Network entities list, expand Networks. 
18.      Click External, and then click Add.    
19.      Click Internal, click Add, click Close , and then click Next.  
20.      Click Add.     
21.      In the Network entities list, expand Networks. 
22.      Click Local Host, click Add , click Close, and then click Next
two times.      
23.      Click Finish, and then click Apply.    

Other related posts:

• » [isalist] EnablePMTUDiscovery now enabled - Access policy required as well?
• » [isalist] Re: EnablePMTUDiscovery now enabled - Access policy required as well?

1. Home
2. isalist
3. Archive
4. 08-2006

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---