RE: FW: RE: question about adding programs to use firewall client
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Tue, 22 Mar 2005 09:21:22 -0600
Hi Sebastian,
Not if the clients are also Web proxy clients and you haven't configured those
sites for Direct Access.
HTH,
Tom
-----Original Message-----
From: Dijk, Sebastian van [mailto:sebastian.van.dijk@xxxxxxxxxx]
Sent: Tuesday, March 22, 2005 8:52 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: FW: RE: question about adding programs to use firewall
client
http://www.ISAserver.org
Hi Jim,
I have created a protocol rule to allow http and https based on user
authentication. It seems like the firewall client is not capturing the requests
from the application because I can't find entries in the log. So the request
reaches ISA by default gateway and not through the client. This is not what I
want, because I don't want to use securenat but the firewall client. That's why
I thought of entering the application name in the firewall client configuration
on the isa server.
Should the firewall client capture al connection requests by default ?
Regards,
Sebastian
-----Oorspronkelijk bericht-----
Van: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Verzonden: maandag 21 maart 2005 14:35
Aan: [ISAserver.org Discussion List]
Onderwerp: [isalist] FW: RE: question about adding programs to use firewall
client
http://www.ISAserver.org
Sorry; it was one of those lost in last week's problems...
-----Original Message-----
From: Jim Harrison
Sent: Monday, March 14, 2005 6:04 AM
To: '[ISAserver.org Discussion List]'
Subject: RE: [isalist] RE: question about adding programs to use firewall client
Hi Sebatian,
"By default", nothing works through ISA.
What policies have you created to allow HTTP traffic at all?
You don't need either of the locbind or remotebind options - those define
listeners for the application.
Unless it's acting as a server, these are of no use to you.
Filter the logs for the destination IP that you're testing and HTTP protocol.
If the client is making requests through ISA, they're in the log.
Jim
-----Original Message-----
From: Dijk, Sebastian van [mailto:sebastian.van.dijk@xxxxxxxxxx]
Sent: Sunday, March 13, 2005 11:14 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: question about adding programs to use firewall client
http://www.ISAserver.org
Hi Jim,
It's a client http program to test the response of a webserver.
It has no proxy options and I do not want to use securenat, so there comes the
firewall client. By default the firewall client does not make this application
work, so I entered the processname into the firewall client configuration (on
the isaserver) with the localbindtcp and remotebindtcp port 80 and 443. This
didn't work.
So I placed a wspcfg.ini in the folder were the application is located.
Still no results.
What other options do I have ? Because i could not find items in the fw log.
Met vriendelijke groet,
Sebastian van Dijk
Systeembeheer
email: sebastian.van.dijk@xxxxxxxxxx
-----Oorspronkelijk bericht-----
Van: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Verzonden: zaterdag 12 maart 2005 17:09
Aan: [ISAserver.org Discussion List]
Onderwerp: [isalist] RE: question about adding programs to use firewall client
http://www.ISAserver.org
Hi Sebastian,
Let's go back to square 1...
1. what is this application trying to do; client, server, MITM, etc.)?
2. what are the configuration options this app affords you (proxy, etc.)?
Jim
-----Original Message-----
From: Dijk, Sebastian van [mailto:sebastian.van.dijk@xxxxxxxxxx]
Sent: Friday, March 11, 2005 1:55 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: question about adding programs to use firewall client
http://www.ISAserver.org
Hi Jim,
Actually, i don't see a thing related to my problem logged in the FW log.
So I don't know if even the program is beeing "captured" by the firewall
client. I tried to modify the localbind and remotebind settings for the
firewall client at the ISA server configuration, and I tried as mentioned in my
first mail, the local .ini file.
Met vriendelijke groet,
Sebastian van Dijk
Systeembeheer
email: sebastian.van.dijk@xxxxxxxxxx
VECOZO
Emma Goldmanweg 4b
5032 MN
Tilburg
tel : +31 (0)13 4625 649
fax : +31 (0)13 4625 640
-----Oorspronkelijk bericht-----
Van: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Verzonden: donderdag 10 maart 2005 15:08
Aan: [ISAserver.org Discussion List]
Onderwerp: [isalist] RE: question about adding programs to use firewall client
http://www.ISAserver.org
HI Sebastian,
You can delete those settings.
Have you examined the ISA logs to see what the results of your attempts
actually are?
________________________________________
From: Dijk, Sebastian van [mailto:sebastian.van.dijk@xxxxxxxxxx]
Sent: Thursday, March 10, 2005 3:13 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] question about adding programs to use firewall client
http://www.ISAserver.org
Hi,
I am trying to get an application to use the firewall client.
This application makes HTTP and HTTPS connections.
So I made a wspcfg.ini en entered :
[WSP_Client_App]
Disable=0
NameResolution=R
LocalBindTcpPorts=80,443
RemoteBindTcpPorts=80,443
ForceCredentials=1
NameResolutionForLocalHost=L
I can't get the application to work, am I missing something ?
I am not sure about the configuration of the local and remote bind tcp ports.
Can anyone help me ?
Tnx
Met vriendelijke groet,
Sebastian van Dijk
Systeembeheer
email: sebastian.van.dijk@xxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading Network
Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading Network
Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
sebastian.van.dijk@xxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading Network
Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading Network
Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
sebastian.van.dijk@xxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading Network
Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading Network
Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
sebastian.van.dijk@xxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading Network
Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
