RE: SSH ISA2004

  • From: Alexandre Gauthier <gauthiera@xxxxxxxxxxxxxxxxx>
  • To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 4 Jan 2006 16:19:55 -0500

By protocol definition rule I mean that there is no protocol definition
provided with ISA. You need to create one for TCP port 22.

And well, check the order of your rules, perhaps...?

-----Message d'origine-----
De : Derek Scott [mailto:dscott@xxxxxxxxxx] 
Envoyé : 4 janvier 2006 12:37
À : [ISAserver.org Discussion List]
Objet : [isalist] RE: SSH ISA2004

http://www.ISAserver.org

A protocol defentiton rule?  An access rule?  The monitor is running, and
it states it was denied by the default rule, which leads me to believe
that it is not recognizing that rule for some reason.

Thank you

Derek 


> Sorry, replying to my self is bad practice, but I realize it was kinda =
> silly
> not to include a potential solution.
> 
> Henceforth:
> 
> Just create a protocol definition rule for SSH (TCP, Port 22 incoming, =
> no
> secondary connections), then apply the configuration.
> 
> Also run a monitor query to see if something is denied when you attempt
> connection, this will give you a wealth of information.
> 
> Tsk tsk, such an underrated feature.
> 
> -----Message d'origine-----
> De=A0: Alexandre Gauthier [mailto:gauthiera@xxxxxxxxxxxxxxxxx]=20
> Envoy=E9=A0: 4 janvier 2006 11:13
> =C0=A0: [ISAserver.org Discussion List]
> Objet=A0: [isalist] RE: SSH ISA2004
> 
> http://www.ISAserver.org
> 
> Let me get this straight -- you are trying to publish (allow "outside"
> access to an host behind ISA on the "inside") an SSH server, not allow =
> the
> people inside to SSH out, right?
> 
> -----Message d'origine-----
> De=A0: Derek Scott [mailto:dscott@xxxxxxxxxx]=20
> Envoy=E9=A0: 4 janvier 2006 10:56
> =C0=A0: [ISAserver.org Discussion List]
> Objet=A0: [isalist] SSH ISA2004
> 
> http://www.ISAserver.org
> 
> Hello,
> 
> I am trying to enable SSH connections via my ISA2004 server.  I have
> created an access rul for this protocol, and also a server publishing
> rule. In the logs on the ISA server I am getting denied connection at =
> the
> defualt rule.  So it appears it is not getting or "seeing" the selected
> rules?
> 
> Any suggestions
> 
> Derek Scott
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=3DFAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> gauthiera@xxxxxxxxxxxxxxxxx
> To unsubscribe visit =
> http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=3DFAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> gauthiera@xxxxxxxxxxxxxxxxx
> To unsubscribe visit =
> http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
gauthiera@xxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx


Other related posts: