Re: Firewall Log sc-status: 13301

• From: "Chhatwal, Raminder S." <RChhatwal@xxxxxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Fri, 7 Dec 2001 10:06:02 -0500

Hi,

I added the Rule#1 and Rule#2 fields, but as I expected they are blank
as I don't have any rules stopping this connection. I just want to allow
this connection. I have a protocol definition stating port 8101 open and
a protocol definition allowing any request, anytime to use this protocol
definition.
I have tried various combinations, inbound, outbound but nothing seems
to work. Please look at the logs below and advise if you can figure this
out.

Thanks
Rami

Software: Microsoft(R) Internet Security and Acceleration Server 2000
#Version: 1.0
#Date: 2001-12-07 14:54:49
#Fields: 

c-ip    cs-username     c-agent date    time    s-computername  r-host
r-ip    r-port  time-taken      cs-bytes        sc-bytes
cs-protocol     cs-transport    s-operation     sc-status       rule#1
rule#2  sessionid       connectionid
10.22.25.60     -       -       2001-12-07      14:54:49        NYNY0S24
-       10.11.0.221     8101    -       -       -       8101    TCP
Connect 13301   -       -       2       1



-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
Sent: Thursday, December 06, 2001 5:25 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Fiewall Log sc-status: 13301


http://www.ISAserver.org


That error code means ISA refused to allow that traffic.
Add "Rule#1" and "Rule#2" fields to your FW logs (Monitoring, Logs,
Firewall
log props).
You need to review the protocol definition, the protocol rule and your
site
and content rules to see why this is occurring.

Jim Harrison
MCP(NT4, 2K), A+, Network+, PCG
http://isaserver.org/authors/harrison/

----- Original Message -----
From: "Chhatwal, Raminder S." <RChhatwal@xxxxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Thursday, December 06, 2001 10:37
Subject: [isalist] Fiewall Log sc-status: 13301


http://www.ISAserver.org


Hi all,

Following is what my firewall log shows. I have a protocol defined with
port 8101 inbound and outbound and a protocol rule allowing this
protocol to go through but I am still getting blocked.

Please advise what further configuration needs to be done to let SNAT
clients go through the firewall to connect on this port.

Thanks
Rami


#Software: Microsoft(R) Internet Security and Acceleration Server 2000
#Version: 1.0
#Date: 2001-12-06 18:27:08
#Fields:
c-ip cs-username c-agent date time
s-computername r-host r-ip r-port time-taken cs-bytes
sc-bytes cs-protocol cs-transports-operation sc-status
sessionid connectionid

10.22.25.60 - - 2001-12-06 18:27:08
NYNY0S24 - 10.11.0.221 8101 -
- - 8101 TCP Connect
13301 2 1

------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')



------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
rchhatwal@xxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » Re: Firewall Log sc-status: 13301
• » Re: Firewall Log sc-status: 13301

1. Home
2. isalist
3. Archive
4. 12-2001

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---