I think the first one is packet filter log and second one is firewall log. -----Original Message----- From: Chhatwal, Raminder S. [mailto:RChhatwal@xxxxxxxxxxxxxxxxx] Sent: Friday, October 19, 2001 11:11 AM To: [ISAserver.org Discussion List] Cc: Jim Harrison; Mark Strangways Subject: [isalist] FW Logs http://www.ISAserver.org Hi, Can you please guide me to the description of the log files. What is the difference between the two logs "IPPEXTD20011018.log" and "FWSEXTD20011018.log"? The first one is just 1 kb and the second one is about 30MB. My attempts to access an application from SNAT client show up on the first one and are not present in the second log. What does "sc-status" column stand for in the ISA Firewall Logs? This relates with my earlier messages as under. Thanks a lot for help. Rami. -----Original Message----- From: Chhatwal, Raminder S. [mailto:RChhatwal@xxxxxxxxxxxxxxxxx] Sent: Thursday, October 18, 2001 4:10 PM To: [ISAserver.org Discussion List] Subject: [isalist] Please Help "Deny All" http://www.ISAserver.org Hi all, As I understand, by default ISA denies all access through the firewall unless explicitly allowed by a policy rule. 1. Does this apply only to the ISA server or all client workstations connected to the internal interface? For me all internal SNAT client workstations are able to access external applications without any allow rules configured. 2. Could I have done anything during installation for disable the default "deny all"? (Dedicated Firewall Standalone installation) I have made no changes after installing ISA, no protocol definitions, no protocol rules, no packet filters, no site and content rules. I have just configured a destination set and a client address set. I would appreciate any help...... I might switch to other firewalls if this thing doesn't work...though I don't want to. Thanks a lot Rami -----Original Message----- From: Chhatwal, Raminder S. [mailto:RChhatwal@xxxxxxxxxxxxxxxxx] Sent: Thursday, October 18, 2001 11:01 AM To: [ISAserver.org Discussion List] Subject: [isalist] SNAT Client http://www.ISAserver.org Hi all, I am unable to stop / restrict traffic using SNAT client. I have this one workstation sitting behind an ISA server connected to the internal interface of the server. The only connection to the outside world for this client machine is through the ISA server. But still I am unable to restrict and open access to a particular application on the outside (external network). I want to be able and give and restrict access to a number of applications on the external network at my will. I have tried protocol definitions and rules, packet filters, but nothing seems to work. Client machine can get to the external application all the time. I cannot seem to restrict the access. Please Help. Thanks Rami ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: c-ssharma@xxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')