Monitoring a remote network

  • From: "Rob Moore" <RMoore@xxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Thu, 17 Nov 2005 11:05:10 -0500

I have a complicated situation. If you have any insight to offer me on
ways to look to solve it, I'd appreciate it.

1. I have two separate networks that are not connected by VPN.
2. I need to monitor the status of various services on remote servers in
the remote network.
3. The home network is protected by an ISA 2004 firewall.
4. The remote network is protected by an IPCop 1.4.10 firewall. 
        (Linux-based, free, wonderful firewall for those on a budget.
I'd love to replace them all with ISA, but I can't afford 34 ISA
servers!)
5. I use an application called HostMonitor to monitor the remote
servers.
6. HostMonitor uses port 1055 to run its tests.
7. I created two rules in ISA: one allows traffic on port 1055 from my
monitoring station to the external network, and one publishes my
monitoring station as a server, for traffic from the external network on
port 1055.
8. I created a Port Forwarding rule on the remote IPCop, to forward
anything destined for 67.100.218.230:1055 to a particular internal IP
address.
9. For testing purposes, I set up a totally internal test (monitoring
station to my workstation) using port 1055 and it worked no problem.
10. I set up the real test and it didn't work. On my ISA firewall I see
the traffic apparently go out. (I get two results in the monitoring log,
one for initiating the connection and one for closing the connection.
Both have error information of "0x0". The initiating connection entry
has a result code of "0x0" whereas the closing connection entry has a
result code of "0x80074e21". Don't know if that's significant or not. In
any case, there's nothing about denying access.)
11. On the remote IPCop firewall I never see the traffic arrive.

Where can that darn traffic be going??

Thanks,
Rob

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Rob Moore
Network Manager
215-241-7870
Help Desk: 800-500-AFSC

Other related posts:

  • » Monitoring a remote network
  1. Home
  2. isalist
  3. Archive
  4. 11-2005