RE: FW Logs

• From: "Sharma, Shobha" <c-ssharma@xxxxxxxxxxx>
• To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
• Date: Fri, 19 Oct 2001 11:18:12 -0400

I think the first one is packet filter log and second one is firewall log.

-----Original Message-----
From: Chhatwal, Raminder S. [mailto:RChhatwal@xxxxxxxxxxxxxxxxx]
Sent: Friday, October 19, 2001 11:11 AM
To: [ISAserver.org Discussion List]
Cc: Jim Harrison; Mark Strangways
Subject: [isalist] FW Logs


http://www.ISAserver.org


Hi,

Can you please guide me to the description of the log files.

What is the difference between the two logs "IPPEXTD20011018.log" and
"FWSEXTD20011018.log"? 
The first one is just 1 kb and the second one is about 30MB.

My attempts to access an application from SNAT client show up on the
first one and are not present in the second log.

What does "sc-status" column stand for in the ISA Firewall Logs?

This relates with my earlier messages as under.

Thanks a lot for help.

Rami.

-----Original Message-----
From: Chhatwal, Raminder S. [mailto:RChhatwal@xxxxxxxxxxxxxxxxx]
Sent: Thursday, October 18, 2001 4:10 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Please Help "Deny All"


http://www.ISAserver.org


Hi all,

As I understand, by default ISA denies all access through the firewall
unless explicitly allowed by a policy rule.

1. Does this apply only to the ISA server or all client workstations
connected to the internal interface?

For me all internal SNAT client workstations are able to access external
applications without any allow rules configured.

2. Could I have done anything during installation for disable the
default "deny all"? (Dedicated Firewall Standalone installation)
I have made no changes after installing ISA, no protocol definitions, no
protocol rules, no packet filters, no site and content rules. I have
just configured a destination set and a client address set.

I would appreciate any help...... I might switch to other firewalls if
this thing doesn't work...though I don't want to.

Thanks a lot
Rami

-----Original Message-----
From: Chhatwal, Raminder S. [mailto:RChhatwal@xxxxxxxxxxxxxxxxx]
Sent: Thursday, October 18, 2001 11:01 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] SNAT Client


http://www.ISAserver.org



Hi all,
 
I am unable to stop / restrict traffic using SNAT client.

I have this one workstation sitting behind an ISA server connected to
the internal interface of the server. 
The only connection to the outside world for this client machine is
through the ISA server. 

But still I am unable to restrict and open access to a particular
application on the outside (external network).

I want to be able and give and restrict access to a number of
applications on the external network at my will.

I have tried protocol definitions and rules, packet filters, but nothing
seems to work.

Client machine can get to the external application all the time. I
cannot seem to restrict the access.

Please Help.

Thanks
Rami


------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
c-ssharma@xxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » FW Logs
• » RE: FW Logs
• » RE: FW Logs
• » RE: FW Logs
• » RE: FW Logs

1. Home
2. isalist
3. Archive
4. 10-2001

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---