From what I can tell you will need to add your secondary connection under a new protocol rule with the primary connection being TCP 80 outbound. This worked for an attempt several minutes ago, but leaves me scratching what little hair I have left. Regards, Mark ----- Original Message ----- From: Dan Gabbard To: [ISAserver.org Discussion List] Sent: Monday, January 13, 2003 7:31 PM Subject: [isalist] Re: Protocol Rules and Definitions - Kazaa http://www.ISAserver.org I had to run out for a bit but I'm back. I'll mess with it some more, if I figure something out I'll post it. Thanks, Dan -----Original Message----- From: Mark Strangways [mailto:strangconst@xxxxxxxxxx] Sent: Monday, January 13, 2003 2:50 PM To: [ISAserver.org Discussion List] Subject: [isalist] Re: Protocol Rules and Definitions - Kazaa http://www.ISAserver.org The thing with Kazza is... it uses a dynamic TCP range to get out. I have not been able to create a protocol rule, other than allow all, that works. I did look thru the logs, but didn't find anything right away that was stopping it. try an allow all tied to a client set (if that is possible) and narrow down from there. I am bored so maybe I will try to get the app to work with a protocol rule. Mark ----- Original Message ----- From: Dan Gabbard To: [ISAserver.org Discussion List] Sent: Monday, January 13, 2003 4:15 PM Subject: [isalist] Re: Protocol Rules and Definitions - Kazaa http://www.ISAserver.org Hi Mark, >>By host, do you mean a internal client computer?<< Yes, running Firewall client. >>What was the exact protocol rule, with port numbers?<< Do you mean definition? If so see below. I originally created a separate rule for just Kazaa with only the two newly created Kazaa definitions in it. I was relying on the other (original rule) to provide access to HTTP and so on. It was this separate rule that I disabled and edited when Kazaa stopped working. >>Was the allow all protocol rule on by mistake?<< J No Protocol definitions: Protocol: Kazaa Inbound Port number 1214 Protocol type TCP Direction Inbound Secondary connection=yes Port range from 4000 to 5000 Protocol type TCP Direction Inbound Protocol: Kazaa Outbound Port number 1214 Protocol type TCP Direction Outbound Secondary connection=yes Port range from 4000 to 5000 Protocol type TCP Direction Inbound ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: strangconst@xxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')