Help! Forwarding outbound packets to an IP address
- From: "Kurt" <ty@xxxxxxxxxxxx>
- To: isalist@xxxxxxxxxxxxx
- Date: Fri, 5 Mar 2004 10:13:50 -0700
Hi,
I have a client who is using ISA Server and has just installed a banking
software program (TDAccess). This is a standalone app that does not have
any proxy settings built into the program. Therefore they make you go
through a ridiculous series of steps so that you can make it work through
a firewall and/or proxy.
Essentially there is an .ini file for TDAccess which contains the name of
the bank server (e.g. www.tdaccesspc.tdbank.ca). When the program is
opened it resolves this address, then attempts to connect to the IP on
port 2910.
On my network there is no default gateway (everyone accesses via proxy).
The bank program can resolve the IP (via my DNS server on the ISA server)
but of course cannot connect to the IP, as it can't directly connect
outside of my IP block.
So the bank's solution is to change the .ini file to the IP address of
your proxy server, then configure the proxy server to pass any data coming
from the internal network on port 2910 to www.tdaccesspc.tdbank.ca. The
bank program will contact the ISA server which will (theoretically)
transparently pass these packets up to the bank server.
Problem is - ISA server doesn't want to play ball. I've set up IP packet
filters, and these allow me to use the software - but only from the ISA
server, which has the direct Internet connection. Anywhere inside the
network just doesn't work.
I've searched and searched but I can't find any other way to get ISA to
forward requests like the software wants - for inbound connections yes
(i.e. server rules), but not for outbound.
Any suggestions? This is killing me!
Other related posts:
