RE : RE: RE : RE: RE : RE: Net2Phone and ISA

• From: "Lambert A. LOMBE" <lombe@xxxxxxxxxxxxxxxxxxx>
• To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
• Date: Tue, 20 Aug 2002 23:10:10 +0100

Hi,
I have one protocol rule allowing all IP traffic for anyone and any IP
address and several protocol rules denying some IP protocol to some
people of my internal network only. The denying protocol rules are based
on users and I've installed the firewall client on all local computers.
In the console and the logs only local users on local computers appear.
But in the tests I've done with firewall client installed on RAS server
and not installed on them, and on the laptop with the firewall client
installed on it and using remote access, the console shows a connection
for anonymous and all basic communications like browsing, sending mails
work very well.

>---------------------------
Lambert A. LOMBE
-----Message d'origine-----
De : Thomas W. Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] 
Envoyé : mardi 20 août 2002 22:53
À : [ISAserver.org Discussion List]
Objet : [isalist] RE: RE : RE: RE : RE: Net2Phone and ISA

http://www.ISAserver.org


Hi Lambert,

What protocol rules do you have in place?

Are the Firewall client connections appearing in the console and in the
logs? Are the clients able to send their credentials to the Firewall
service?

Thanks!

Tom

Thomas W Shinder
www.isaserver.org/shinder 
 
 

-----Original Message-----
From: Lambert A. LOMBE [mailto:lombe@xxxxxxxxxxxxxxxxxxx] 
Sent: Tuesday, August 20, 2002 4:48 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE : RE: RE : RE: Net2Phone and ISA

http://www.ISAserver.org


Hi Tom.
To give you much explanation, I'm an ISP using several computers running
Windows 2K as RAS in a Windows 2K domain. All my clients are
authenticated by IAS on my Domain Controller. I also have about 50
computers in my building. I've tried many proxies and firewall and I've
find that ISA has what I've been looking for. Local computers and remote
access computers could use its proxy cache in the fact that I use ISA in
integrated mode as my router. As you said in your book about SecureNAT
limitation, the protocol used by Net2Phone is a complex one using
secondary connections and I figure that installing the firewall client
on RAS computers could give to remote access clients the use of all the
protocol definition shipped with ISA.
I also tried to install the firewall client on a laptop and then
disconnect it from the local network and try Net2Phone using a remote
access connection with this configuration, but it didn't work. Please
help me solving this problem. I'm dealing with it since 3 months and
some people thing that I deliberately refuse them to use Net2Phone.
Thanks.

>---------------------------
Lambert A. LOMBE
-----Message d'origine-----
De : Thomas W. Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] 
Envoyé : mardi 20 août 2002 16:41
À : [ISAserver.org Discussion List]
Objet : [isalist] RE: RE : RE: Net2Phone and ISA

http://www.ISAserver.org


Hi Lambert,

Your English is a lot better than my French! :-)

I figured that it would work similarly to how it works when the VPN
client connects directly to the ISA Server. I haven't worked with the
Firewall Client on a RAS client connected to another RRAS server on the
same network as the ISA Server. Its an interesting question that I'll
have to investigate in the future.

Thanks!

Tom

Thomas W Shinder
www.isaserver.org/shinder 
 
 

-----Original Message-----
From: Lambert A. LOMBE [mailto:lombe@xxxxxxxxxxxxxxxxxxx] 
Sent: Tuesday, August 20, 2002 10:23 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE : RE: Net2Phone and ISA

http://www.ISAserver.org


Hi Tom,
Excuse me for my poor English, I'm French speaking.
On the computers of my local network with the firewall client installed,
Net2Phone function normally without any modification in the protocols
rules shipped with ISA.
I've tried by installing the firewall client on the RRAS computers which
are configure to use the IP of the ISA server as gateway. When dialling
up on these computers, Net2Phone can't function and under the ISA MMC,
the session users is anonymous which means that the user is not
authenticated and I think that the firewall client installed on the RRAS
computer can't do it's job in that case.
I want to know if I can copy the content of the share directory mspclnt
of the ISA computer and install the firewall client from it on the
computer used for dialup?

>---------------------------
Lambert A. LOMBE
-----Message d'origine-----
De : Thomas W. Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] 
Envoyé : mardi 20 août 2002 15:29
À : [ISAserver.org Discussion List]
Objet : [isalist] RE: Net2Phone and ISA

http://www.ISAserver.org


Hi Lambert,
 
Make sure the RAS client is a Firewall client too and that there is an
all open Protocol Rule for access (unless you've been able to figure out
what the precise protocols are required for Net2phone to work).
 
HTH,
Tom
 
Thomas W Shinder
 <http://www.isaserver.org/shinder> www.isaserver.org/shinder 
 
 
-----Original Message-----
From: Lambert A. LOMBE [mailto:lombe@xxxxxxxxxxxxxxxxxxx] 
Sent: Tuesday, August 20, 2002 8:44 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Net2Phone and ISA
 
http://www.ISAserver.org
Hi
Please help me.
I've got and read the entire Tom's book (Configuring ISA Server 200) and
still can't find how to allow my RAS client on other RRAS computer to
make call through ISA.
 
----------------------------------------
Lambert A. LOMBE
Gpe ACERFI-MICRONICS
 
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')


------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
lombe@xxxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')



------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')

------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
lombe@xxxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')



------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')

------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
lombe@xxxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')

Other related posts:

• » RE : RE: RE : RE: RE : RE: Net2Phone and ISA

1. Home
2. isalist
3. Archive
4. 08-2002

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---