Funny!!!! That's leftovers from various thumbprints Greg Mulholland http://www.isaserver.org http://www.isaserver.mine.nu http://groups.google.com -----Original Message----- From: Steve Moffat [mailto:steve@xxxxxxxxxxxxxxxxxxxxxxxxxx] Sent: Tuesday, March 09, 2004 10:55 PM To: [ISAserver.org Discussion List] Subject: [isalist] Re: Help! Forwarding outbound packets to an IP address http://www.ISAserver.org Greg has an ID10T button right smack bang in the middle of his forehead.....:)) -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: Tuesday, March 09, 2004 6:44 AM To: Isa Weblist Subject: [isalist] Re: Help! Forwarding outbound packets to an IP address http://www.ISAserver.org Hi Jim, The ID10T button is next to the Open Port[TM] button. I remember that question on an exam I took when I was looking for a job as level 3 tech support for an online software vendor a couple of years ago. Unfortunately, I didn't get the job because I thought you were supposed to press the Open Port [TM] button *before* the ID10T button. In fact, the Open Port [TM] is activated only *after* the ID10T button is depressed and the Red Light [(c)tshinder2004] flashes in the Delta Wave range (1-4Hz), indicating the operator's current EEG pattern. HTH, Tom Thomas W Shinder www.isaserver.org/shinder ISA 2004 Beta - Get it now! http://www.microsoft.com/isaserver/beta/default.asp ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp -----Original Message----- From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] Sent: Monday, March 08, 2004 3:52 PM To: [ISAserver.org Discussion List] Subject: [isalist] Re: Help! Forwarding outbound packets to an IP address http://www.ISAserver.org I script it, of course... :-) Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://www.microsoft.com/isaserver http://isaserver.org/Jim_Harrison http://isatools.org Read the help, books and articles! ----- Original Message ----- From: "Steve Moffat" <steve@xxxxxxxxxxxxxxxxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Monday, March 08, 2004 13:35 Subject: [isalist] Re: Help! Forwarding outbound packets to an IP address http://www.ISAserver.org So Jim....do you use the open port button (available from Dr Thomas Shinder), or a script to open your ports....LOL Steve -----Original Message----- From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] Sent: Monday, March 08, 2004 5:28 PM To: Isa Weblist Subject: [isalist] Re: Help! Forwarding outbound packets to an IP address http://www.ISAserver.org First, your bank's advisors are finalists for this year's 1d10t award; their recommendations are completely inappropriate. First, is this connection using TCP or UDP? There's no point in "opening a port" <ducks head> in a protocol that's not being used... If I were to guess, you'd want to: 1. install the FW client on your internal hosts. If you can't (or won't) do this, stop reading now. 2. Create a custom protocol as: Name = "the dumbest bank IT staff in the world" Protocol Type = TCP Port = 2910 Direction = Outbound 3. Create a Protocol Rule that allows this protocol for what ever internal clients need it. Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://www.microsoft.com/isaserver http://isaserver.org/Jim_Harrison http://isatools.org Read the help, books and articles! ----- Original Message ----- From: "Kurt" <ty@xxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Friday, March 05, 2004 09:13 Subject: [isalist] Help! Forwarding outbound packets to an IP address http://www.ISAserver.org Hi, I have a client who is using ISA Server and has just installed a banking software program (TDAccess). This is a standalone app that does not have any proxy settings built into the program. Therefore they make you go through a ridiculous series of steps so that you can make it work through a firewall and/or proxy. Essentially there is an .ini file for TDAccess which contains the name of the bank server (e.g. www.tdaccesspc.tdbank.ca). When the program is opened it resolves this address, then attempts to connect to the IP on port 2910. On my network there is no default gateway (everyone accesses via proxy). The bank program can resolve the IP (via my DNS server on the ISA server) but of course cannot connect to the IP, as it can't directly connect outside of my IP block. So the bank's solution is to change the .ini file to the IP address of your proxy server, then configure the proxy server to pass any data coming from the internal network on port 2910 to www.tdaccesspc.tdbank.ca. The bank program will contact the ISA server which will (theoretically) transparently pass these packets up to the bank server. Problem is - ISA server doesn't want to play ball. I've set up IP packet filters, and these allow me to use the software - but only from the ISA server, which has the direct Internet connection. Anywhere inside the network just doesn't work. I've searched and searched but I can't find any other way to get ISA to forward requests like the software wants - for inbound connections yes (i.e. server rules), but not for outbound. Any suggestions? This is killing me! ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: steve@xxxxxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') This E-Mail is confidential. It is not intended to be read, copied, disclosed or used by any person other than the recipient named above. Unauthorised use, disclosure, or copying is strictly prohibited and may be unlawful. Optimum IT Solutions disclaims any liability for any action taken in connection of this E-Mail. The comments or statements expressed in this E-Mail are not necessarily those of Optimum IT Solutions or its subsidiaries or affiliates. administrator@xxxxxxxxxxxxxxxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: steve@xxxxxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: gmulholland@xxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')