RE: Firewall dropping packets from some machines

  • From: "Steve Moffat" <steve@xxxxxxxxxx>
  • To: "ISA Mailing List" <isalist@xxxxxxxxxxxxx>
  • Date: Mon, 24 Jan 2005 15:57:57 -0400

A couple of things.... Exchange has godly rights...why??...should be
published...and an ftp rule to allow updates from GFI only.
 
Is the firewall client installed on the workstations? If not, how is ISA
to know who is using these protocols?
 
If I was you...and I'm not....:), give the authorized users dhcp
reservations and create an address set for them within ISA for the
protocols you want to allow them.
 
S
 
 

________________________________

From: Kenny Mann [mailto:Kennymann@xxxxxxxxxxx] 
Sent: Monday, January 24, 2005 3:49 PM
To: ISA Mailing List
Subject: [isalist] RE: Firewall dropping packets from some machines


http://www.ISAserver.org

Sorry, I neglected to give hardware/os specs.
ISA 2000 - dedicated mode w/ Windows Server 2003.
Machine is a Compaq ProLiant ML330 with 2GB of memory.
 
Kenny

        -----Original Message-----
        From: Steve Moffat [mailto:steve@xxxxxxxxxx] 
        Sent: Monday, January 24, 2005 1:17 PM
        To: [ISAserver.org Discussion List]
        Subject: [isalist] RE: Firewall dropping packets from some machines
        
        
        Which version of ISA??
         
        S

________________________________

        From: Kenny Mann [mailto:Kennymann@xxxxxxxxxxx] 
        Sent: Monday, January 24, 2005 12:30 PM
        To: ISA Mailing List
        Subject: [isalist] Firewall dropping packets from some machines
        
        
        I'm having some issues that are difficult to pin down what is
        going on.
        I currently use SSH to get out of my network here (work) to get
        into my box at home.
        I use Putty.
        It's not only SSH that has this problem, but it's enough to
        relate to right now...
        For a while, life was good and it all worked hunkey dory (sp?).
        Then out of nowhere (gasp?) it stopped. More than likely I
        tweaked a setting, added a patch, or did something stupid and didn't
        notice it.

        Here is where the fun part comes in.
        If I create a Client Address Set and create a protocol rule to
        allow full outbound access to whatever I want, it works as if by magic.
        However, if I create a protocol rule and allow certain users
        (such as myself) full outbound access, it does not work.
        When I say it doesn't work, instead of blocking my packets
        directly, it just drops them.
        What happens is Putty tries to connect, makes the first
        connection, then ISA blocks it.
        Many other programs are running into the same issues.
        I really don't like adding tons of Client Address Sets for this
        because it just sounds wrong and insecure -- and difficult (DHCP --
        except for our mail server and ISA server).

        Has anyone run into this before?
        I've paid to have someone come out here and spend an hour trying
        to figure out what the heck is going on, but he couldn't figure it out
        and needed more time.
        At the time it was only SSH and remote desktop, which I was able
        to deal without at the time and live with the CAS method. Now it seems
        other things aren't working that I didn't notice.
        I got MailEssentials for Exchange and it says it fails to update
        (yes, it's on the mail server -- which should have godly rights -- and
        still doesn't work).

        Yes, in the previous paragraph I say the Client Address Set
        method doesn't work for that computer and yet in the passage before that
        one, I say it works. I should say that it's picky about the machines it
        wants to work on.

        I have looked at my logs and it shows nothing.

        I'm halfway tempted to reinstall ISA Server just because this
        is a little too weird to be a config problem... Thoughts?
         
        Kenny
        ------------------------------------------------------
        List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
        ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
        ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
        ------------------------------------------------------
        Other Internet Software Marketing Sites:
        World of Windows Networking: http://www.windowsnetworking.com
        Leading Network Software Directory: http://www.serverfiles.com
        No.1 Exchange Server Resource Site: http://www.msexchange.org
        Windows Security Resource Site: http://www.windowsecurity.com/
        Network Security Library: http://www.secinf.net/
        Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
        ------------------------------------------------------
        You are currently subscribed to this ISAserver.org Discussion
List as: isalist@xxxxxxxxxx
        To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
        Report abuse to listadmin@xxxxxxxxxxxxx