Re: Help! Forwarding outbound packets to an IP address

• From: "Greg Mulholland" <gmulholland@xxxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Tue, 9 Mar 2004 23:06:16 +1100

Funny!!!!

That's leftovers from various thumbprints 


Greg Mulholland
http://www.isaserver.org
http://www.isaserver.mine.nu
http://groups.google.com 


-----Original Message-----
From: Steve Moffat [mailto:steve@xxxxxxxxxxxxxxxxxxxxxxxxxx] 
Sent: Tuesday, March 09, 2004 10:55 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Help! Forwarding outbound packets to an IP
address

http://www.ISAserver.org



Greg has an  ID10T button right smack bang in the middle of his
forehead.....:))


-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
Sent: Tuesday, March 09, 2004 6:44 AM
To: Isa Weblist
Subject: [isalist] Re: Help! Forwarding outbound packets to an IP
address

http://www.ISAserver.org

Hi Jim,

The ID10T button is next to the Open Port[TM] button. I remember that
question on an exam I took when I was looking for a job as level 3 tech
support for an online software vendor a couple of years ago. 

Unfortunately, I didn't get the job because I thought you were supposed
to press the Open Port [TM] button *before* the ID10T button. In fact,
the Open Port [TM] is activated only *after* the ID10T button is
depressed and the Red Light [(c)tshinder2004] flashes in the Delta Wave
range (1-4Hz), indicating the operator's current EEG pattern.

HTH,
Tom 

Thomas W Shinder
www.isaserver.org/shinder
ISA 2004 Beta - Get it now!
http://www.microsoft.com/isaserver/beta/default.asp
ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server:
http://tinyurl.com/1llp

 


-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
Sent: Monday, March 08, 2004 3:52 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Help! Forwarding outbound packets to an IP
address


http://www.ISAserver.org

I script it, of course...
:-)

 Jim Harrison
 MCP(NT4, W2K), A+, Network+, PCG
 http://www.microsoft.com/isaserver
 http://isaserver.org/Jim_Harrison
 http://isatools.org

 Read the help, books and articles!
----- Original Message -----
From: "Steve Moffat" <steve@xxxxxxxxxxxxxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Monday, March 08, 2004 13:35
Subject: [isalist] Re: Help! Forwarding outbound packets to an IP
address


http://www.ISAserver.org

So Jim....do you use the open port button (available from Dr Thomas
Shinder), or a script to open your ports....LOL

Steve

-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
Sent: Monday, March 08, 2004 5:28 PM
To: Isa Weblist
Subject: [isalist] Re: Help! Forwarding outbound packets to an IP
address

http://www.ISAserver.org

First, your bank's advisors are finalists for this year's 1d10t award;
their recommendations are completely inappropriate.
First, is this connection using TCP or UDP?  There's no point in
"opening a port" <ducks head> in a protocol that's not being used...

If I were to guess, you'd want to:
1. install the FW client on your internal hosts.  If you can't (or
won't) do this, stop reading now.
2. Create a custom protocol as:
    Name = "the dumbest bank IT staff in the world"
    Protocol Type = TCP
    Port = 2910
    Direction = Outbound
3. Create a Protocol Rule that allows this protocol for what ever
internal clients need it.


 Jim Harrison
 MCP(NT4, W2K), A+, Network+, PCG
 http://www.microsoft.com/isaserver
 http://isaserver.org/Jim_Harrison
 http://isatools.org

 Read the help, books and articles!
----- Original Message -----
From: "Kurt" <ty@xxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Friday, March 05, 2004 09:13
Subject: [isalist] Help! Forwarding outbound packets to an IP address


http://www.ISAserver.org

Hi,

I have a client who is using ISA Server and has just installed a banking
software program (TDAccess). This is a standalone app that does not have
any proxy settings built into the program. Therefore they make you go
through a ridiculous series of steps so that you can make it work
through
a firewall and/or proxy.

Essentially there is an .ini file for TDAccess which contains the name
of
the bank server (e.g. www.tdaccesspc.tdbank.ca). When the program is
opened it resolves this address, then attempts to connect to the IP on
port 2910.

On my network there is no default gateway (everyone accesses via proxy).
The bank program can resolve the IP (via my DNS server on the ISA
server)
but of course cannot connect to the IP, as it can't directly connect
outside of my IP block.

So the bank's solution is to change the .ini file to the IP address of
your proxy server, then configure the proxy server to pass any data
coming
from the internal network on port 2910 to www.tdaccesspc.tdbank.ca. The
bank program will contact the ISA server which will (theoretically)
transparently pass these packets up to the bank server.

Problem is - ISA server doesn't want to play ball. I've set up IP packet
filters, and these allow me to use the software - but only from the ISA
server, which has the direct Internet connection. Anywhere inside the
network just doesn't work.

I've searched and searched but I can't find any other way to get ISA to
forward requests like the software wants - for inbound connections yes
(i.e. server rules), but not for outbound.

Any suggestions? This is killing me!




------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
steve@xxxxxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')



This E-Mail is confidential. It is not intended to be read, copied,
disclosed or used by any person other than the recipient named
above.


Unauthorised use, disclosure, or copying is strictly prohibited and may
be unlawful. Optimum IT Solutions disclaims any liability
for any action taken in connection of this E-Mail. The comments or
statements expressed in this E-Mail are not necessarily those of
Optimum IT Solutions or its subsidiaries or affiliates.

administrator@xxxxxxxxxxxxxxxxxxxxxxxxxx



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
steve@xxxxxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
gmulholland@xxxxxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')

Other related posts:

• » Help! Forwarding outbound packets to an IP address
• » RE: Help! Forwarding outbound packets to an IP address
• » RE: Help! Forwarding outbound packets to an IP address
• » Re: Help! Forwarding outbound packets to an IP address
• » Re: Help! Forwarding outbound packets to an IP address
• » Re: Help! Forwarding outbound packets to an IP address
• » Re: Help! Forwarding outbound packets to an IP address
• » Re: Help! Forwarding outbound packets to an IP address
• » Re: Help! Forwarding outbound packets to an IP address
• » Re: Help! Forwarding outbound packets to an IP address
• » Re: Help! Forwarding outbound packets to an IP address
• » Re: Help! Forwarding outbound packets to an IP address
• » Re: Help! Forwarding outbound packets to an IP address

1. Home
2. isalist
3. Archive
4. 03-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---