Hi Tom, The single frame was to give you all the info on where and how the application is communicating. IP address 63.89.49.205 on port 2010. If you want to play with the application it is at http://www.worldpac.com/dial.html. I have searched the logs for this ip address and its not there? As I am opening holes in the firewall I would really not want give my logs on this list. Can I mail directly to you? How can I open the firewall up so it does not block any traffic in or out, just does it's NAT job but does not block?? This is just for testing :) Brian -----Original Message----- From: Thomas W. Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] Sent: Tuesday, February 19, 2002 9:40 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Need to get application past firewall http://www.ISAserver.org Hi Brian, A single frame isn't too helpful :-) The packet filter and firewall logs would be a lot more helpful. Even more helpful would be to tell where this site and application is so that we can test it. HTH< Tom www.isaserver.org/shinder -----Original Message----- From: brianh@xxxxxxxxxxxxxxxxxxx [mailto:brianh@xxxxxxxxxxxxxxxxxxx] Sent: Tuesday, February 19, 2002 11:02 PM To: [ISAserver.org Discussion List] Subject: [isalist] Need to get application past firewall http://www.ISAserver.org Hello all, I have a firewall setup doing nat with an outside static ip. I have internet access and all seems ok except for one thing. We run one application that connects to the internet to a server on port 2010 for information and port 80 for images. I have not been able to get the application to communicate through the firewall. I know of people running behind a nated router from there isp and all is ok. I see it logging in the NT event log that it is dropping packets but nothing showes up in the ISA logs to indicate why they are being dropped? Bellow is a capture of the packet leving the computer on the way to the firewall. I have opened up the firewall as far as I no how and still no luck. Help!!! 4 5.686987 LOCAL 00105A703632 TCP ....S., len: 0, seq:1883033075-1883033075, ack: 0, win:16384, src: 2673 dst: 2010 BRIAN 63.89.49.205 IP Frame: Base frame properties Frame: Time of capture = 2/19/2002 20:50:30.627 Frame: Time delta from previous physical frame: 0 microseconds Frame: Frame number: 4 Frame: Total frame length: 62 bytes Frame: Capture frame length: 62 bytes Frame: Frame data: Number of data bytes remaining = 62 (0x003E) ETHERNET: ETYPE = 0x0800 : Protocol = IP: DOD Internet Protocol ETHERNET: Destination address : 00105A703632 ETHERNET: .......0 = Individual address ETHERNET: ......0. = Universally administered address ETHERNET: Source address : 005004D4C31E ETHERNET: .......0 = No routing information present ETHERNET: ......0. = Universally administered address ETHERNET: Frame Length : 62 (0x003E) ETHERNET: Ethernet Type : 0x0800 (IP: DOD Internet Protocol) ETHERNET: Ethernet Data: Number of data bytes remaining = 48 (0x0030) IP: ID = 0xF1A1; Proto = TCP; Len: 48 IP: Version = 4 (0x4) IP: Header Length = 20 (0x14) IP: Precedence = Routine IP: Type of Service = Normal Service IP: Total Length = 48 (0x30) IP: Identification = 61857 (0xF1A1) IP: Flags Summary = 2 (0x2) IP: .......0 = Last fragment in datagram IP: ......1. = Cannot fragment datagram IP: Fragment Offset = 0 (0x0) bytes IP: Time to Live = 128 (0x80) IP: Protocol = TCP - Transmission Control IP: Checksum = ERROR: CheckSum is 0x0000, Should be 0xCD42 IP: Source Address = 192.168.10.21 IP: Destination Address = 63.89.49.205 IP: Data: Number of data bytes remaining = 28 (0x001C) TCP: ....S., len: 0, seq:1883033075-1883033075, ack: 0, win:16384, src: 2673 dst: 2010 TCP: Source Port = 0x0A71 TCP: Destination Port = 0x07DA TCP: Sequence Number = 1883033075 (0x703CCDF3) TCP: Acknowledgement Number = 0 (0x0) TCP: Data Offset = 28 (0x1C) TCP: Reserved = 0 (0x0000) TCP: Flags = 0x02 : ....S. TCP: ..0..... = No urgent data TCP: ...0.... = Acknowledgement field not significant TCP: ....0... = No Push function TCP: .....0.. = No Reset TCP: ......1. = Synchronize sequence numbers TCP: .......0 = No Fin TCP: Window = 16384 (0x4000) TCP: Checksum = 0xB6C0 TCP: Urgent Pointer = 0 (0x0) TCP: Options TCP: Maximum Segment Size Option TCP: Option Type = Maximum Segment Size TCP: Option Length = 4 (0x4) TCP: Maximum Segment Size = 1460 (0x5B4) TCP: Option Nop = 1 (0x1) TCP: Option Nop = 1 (0x1) TCP: SACK Permitted Option TCP: Option Type = Sack Permitted TCP: Option Length = 2 (0x2) 00000: 00 10 5A 70 36 32 00 50 04 D4 C3 1E 08 00 45 00 ..Zp62.P......E. 00010: 00 30 F1 A1 40 00 80 06 00 00 C0 A8 0A 15 3F 59 .0..@.........?Y 00020: 31 CD 0A 71 07 DA 70 3C CD F3 00 00 00 00 70 02 1..q..p<......p. 00030: 40 00 B6 C0 00 00 02 04 05 B4 01 01 04 02 @............. ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: brianh@xxxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')