RE: Priority of Firewall Rules

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Wed, 29 Sep 2004 10:34:40 -0500

Also, don't allow EVERYONE to use DNS. Create a computer object for your
DNS server.

HTH

Tom
www.isaserver.org/shinder
Get the book!
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls



-----Original Message-----
From: auto122605@xxxxxxxxxxxx [mailto:auto122605@xxxxxxxxxxxx] 
Sent: Wednesday, September 29, 2004 10:12 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Priority of Firewall Rules


http://www.ISAserver.org

I have just 2 rules on my isa 2K4 which are:

(Rule 1)
Allow - (From) xxx.xxx.xxx.xxx to  external
Protocol - DNS 
Users - All users

and 

(Rule 2)
Allow - (From) Internal network to external 
Protocol - Any
Users - User1

Like this i have a DNS server which uses forwarders from the internet
and is used as an internal network DNS Server.  When I move Rule 2
before
Rule 1 the DNS stops working.  How is this behaviour?  Is it cause Rule
2 allows only a specific user to access the internet therefore
automatically
all other users are denied?  And therefore the DNS Server stops working?


Thanks..
Nick Holmes



Concerned about your privacy? Follow this link to get
secure FREE email: http://www.hushmail.com/?l=2

Free, ultra-private instant messaging with Hush Messenger
http://www.hushmail.com/services-messenger?l=434

Promote security and make money with the Hushmail Affiliate Program: 
http://www.hushmail.com/about-affiliate?l=427

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts:

• » Priority of Firewall Rules
• » RE: Priority of Firewall Rules
• » RE: Priority of Firewall Rules
• » RE: Priority of Firewall Rules
• » RE: Priority of Firewall Rules
• » RE: Priority of Firewall Rules
• » RE: Priority of Firewall Rules
• » RE: Priority of Firewall Rules
• » RE: Priority of Firewall Rules
• » RE: Priority of Firewall Rules

1. Home
2. isalist
3. Archive
4. 09-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---