RE: Packet filter problem

• From: tim S <tim724342@xxxxxxxxx>
• To: "\[ISAserver.org Discussion List\]" <isalist@xxxxxxxxxxxxx>
• Date: Sat, 9 Apr 2005 18:24:54 -0700 (PDT)

Thanks Jim :)
 
I am going to run the eithereal and check the logs.  However, if you can clear 
this for me.  Does creating a packet filter with  'ANY' protocol, 'BOTH' 
directions, 'ALL' local ports and 'ALL' remote ports work?  If it does work, it 
would be similar to disabling the packet filtering feature right?  
 
The weird thing is the application works fine if the traffic goes through the 
WAN and hits the target server.   But if I take the ISA and put it in a private 
network where a router to router VPN tunnel connects the target server, the app 
has problem.  If remove the packet filter, everything seems to work fine.  BTW, 
the app connects to a SQL server on a remote network. 

Thanks
ts

Jim Harrison <Jim@xxxxxxxxxxxx> wrote:
v\:* {behavior:url(#default#VML);}o\:* {behavior:url(#default#VML);}w\:* 
{behavior:url(#default#VML);}.shape 
{behavior:url(#default#VML);}st1\:*{behavior:url(#default#ieooui) 
}http://www.ISAserver.org

Use the logs, Luke.

 

ISA logs all the traffic it sees.

You can read through the packet filter logs to see what traffic the application 
is trying to send that gets blocked.

 

-------------------------------------------------------

   Jim Harrison

   MCP(NT4, W2K), A+, Network+, PCG

   http://isaserver.org/Jim_Harrison/

   http://isatools.org

   Read the help / books / articles!

-------------------------------------------------------


 

---------------------------------


From: tim S [mailto:tim724342@xxxxxxxxx] 
Sent: Friday, April 08, 2005 14:55
To: [ISAserver.org Discussion List]
Subject: [isalist] Packet filter problem


 

http://www.ISAserver.org 

I have a window 2000/ISA 2000.  There is an application that has to communicate 
with a server in another location via WAN.  The only way the app seem to 
communicate with the server is if I disable the IP packet filtering feature in 
ISA (no, I didn't disable it in the production server). I am working on the 
test ISA server.  


 


I even created a packet filter that allows traffic both ways for all protocols, 
all port and all external interface.  Still the app can't communicate.  As soon 
as I disable the packet filtering by selecting the properties for the IP Packet 
Filters node, it has no trouble at all communicating with the server via WAN.  
Looked at the log but haven't seen any difference with or without ip packet 
filtering.


 


I am at loss.  I really appreciate it if someone can  help me on this.


 


Thanks


ts


---------------------------------


Yahoo! Messenger
Show us what our next emoticon should look like. Join the fun. 
------------------------------------------------------ List Archives: 
http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: 
http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: 
http://www.isaserver.org/pages/larticle.asp?type=FAQ 
------------------------------------------------------ Other Internet Software 
Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com 
Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange 
Server Resource Site: http://www.msexchange.org Windows Security Resource Site: 
http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ 
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com 
------------------------------------------------------ You are currently 
subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To 
unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report
 abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
tim724342@xxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 
All mail to and from this domain is GFI-scanned.

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

Other related posts:

• » Packet filter problem
• » RE: Packet filter problem
• » RE: Packet filter problem
• » RE: Packet filter problem

1. Home
2. isalist
3. Archive
4. 04-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---