RE: RRAS and vpn

  • From: "Stefaan Pouseele" <stefaan.pouseele@xxxxxxx>
  • To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
  • Date: Mon, 30 Jun 2003 22:49:21 +0200

Hi Tom,
 
Great! Keep us informed if you find a more elegant way to do it.
 
Thanks, 
Stefaan

-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx]
Sent: Monday, 30 June 2003 17:12
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: RRAS and vpn


http://www.ISAserver.org


Hi Stefaan,
 
You are correct! You win the social credits (I think you can take them to
the EU central bank to cash them in :-) )
 
When you disable the IPSec Policy Agent, it releases UDP 500. The packet
filter log showed that UDP 500 connections were being blocked. That didn't
make sense, since I had a perfectly valid Server Publishing Rule. Next step
was to look at the Event Viewer. There was a message in the Event Viewer
indicating that the Server Publishing Rule had failed because of another
process.
 
I recalled from my reading of Hacking Windows 2000 Exposed that the IPSec
Policy Agent would grab this port and open it even when Win2k packet
filtering was active. I believe there is a more elegant way than disabling
the policy agent, so I'll have to find my copy of Hacking Win2k Exposed and
see what the Registry Keys are to stop it from using UDP 500.
 
Thanks!
Tom
 
Thomas W Shinder
www.isaserver.org/shinder
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp

 

-----Original Message-----
From: Stefaan Pouseele [mailto:stefaan.pouseele@xxxxxxx] 
Sent: Monday, June 30, 2003 8:28 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: RRAS and vpn


Hi Tom, 
 
I do not yet have a W2K3 server running. However, on a standard W2K server UDP
ports 500 and 4500 seem to be occupied by the "lsass.exe" process. If I
shut down the "IPSec Policy Agent" service, then those UDP ports seem to
become available.
 
Cheers, 
Stefaan

-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx]
Sent: Monday, 30 June 2003 8:15
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: RRAS and vpn




Hi Greg,
 
Nope.
 
First hint: the packet filter log showed blocked packets for UDP 500, in
spite of the fact that there was a valid Server Publishing Rule.
 
HTH,
Tom
 
 
Thomas W Shinder

 

-----Original Message-----
From: Greg Mulholland [mailto:greg_mul@xxxxxxxxxxxxxxx] 
Sent: Monday, June 30, 2003 12:32 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: RRAS and vpn




have to say either RRAS or ICS... prolly RRAS since it is the only one that
would be going on a firewall you would hope....
 
Greg
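
Added example, not part of the original thread: the check described above (finding which process and services already hold UDP 500 and 4500 before a publishing rule tries to bind them), run over text in the layout of `netstat -ano -p udp` and `tasklist /svc`. Both samples, including the PIDs and service lists, are constructed for illustration.

```python
import re

IKE_PORTS = (500, 4500)  # the two UDP ports named in the thread

# Constructed sample in the layout of `netstat -ano -p udp` (PIDs are made up).
NETSTAT_SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  UDP    0.0.0.0:445            *:*                                    4
  UDP    0.0.0.0:500            *:*                                    692
  UDP    0.0.0.0:4500           *:*                                    692
  UDP    192.168.1.1:1701       *:*                                    1184
"""

# Constructed sample in the layout of `tasklist /svc`.
TASKLIST_SAMPLE = """\
Image Name                     PID Services
========================= ======== ============================================
System                           4 N/A
lsass.exe                      692 PolicyAgent, SamSs
svchost.exe                   1184 RemoteAccess
"""

def parse_netstat_udp(text):
    """Return {port: pid} for every bound UDP endpoint in the netstat text."""
    owners = {}
    for line in text.splitlines():
        m = re.match(r"\s*UDP\s+(\S+):(\d+)\s+\*:\*\s+(\d+)\s*$", line)
        if m:
            owners[int(m.group(2))] = int(m.group(3))
    return owners

def parse_tasklist_svc(text):
    """Return {pid: (image, [services])}; header and ruler lines do not match."""
    procs = {}
    for line in text.splitlines():
        m = re.match(r"(\S.*?)\s+(\d+)\s+(\S.*)$", line)
        if m:
            names = m.group(3).strip()
            svcs = [] if names == "N/A" else [s.strip() for s in names.split(",")]
            procs[int(m.group(2))] = (m.group(1), svcs)
    return procs

def ike_port_owners(netstat_text, tasklist_text):
    """List (port, pid, image, services) for each IKE port that is already bound."""
    owners = parse_netstat_udp(netstat_text)
    procs = parse_tasklist_svc(tasklist_text)
    return [(p, owners[p]) + procs.get(owners[p], ("<unknown>", []))
            for p in IKE_PORTS if p in owners]
```

An empty result means nothing on the host holds either port; any entry names the process and hosted services to examine before the publishing rule can take the port.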
