RE: Protocol rules

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Mon, 24 Feb 2003 18:52:43 -0600

Hi Mark,

I'm guessing it was your hard weekend. Protocol Rules aren't ordered,
and there's no reason for them to be. You can't have a protocol rule
conflict :-) Deny rules are processed before allow rules, so there can't
be any conflict.

HTH,
Tom

Thomas W Shinder
www.isaserver.org/shinder 
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp


-----Original Message-----
From: Mark Strangways [mailto:strangconst@xxxxxxxxxx] 
Sent: Sunday, February 23, 2003 10:26 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Protocol rules


http://www.ISAserver.org


Hi List,

Is it just me, I mean it's been a tough weekend and all but has anyone
ever
noticed how the relative order of protocol rules will affect the
operation
of the firewall clients ?
I was trying to get an app ported thru on 5503 TCP, so I made a rule.
Simple
enough...
But it never seemed to take affect until I changed it's name by adding
an A
to the front if it. Thereby putting it at the start of the list.
I do not have any deny rules even near this port range. So it cannot be
a
deny rule causing the grief.
I suppose there could be a rule that is intercepting the port before it
got
to my dedicated rule for that application. I noticed that with my
testing
with kazza rules.

Interested in your responses.

Mark S


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » Protocol rules
• » RE: Protocol rules

1. Home
2. isalist
3. Archive
4. 02-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---