RE: SSH ISA2004

  • From: Alexandre Gauthier <gauthiera@xxxxxxxxxxxxxxxxx>
  • To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
  • Date: Thu, 5 Jan 2006 09:23:02 -0500 

Does it? I was under the impression that I had created that definition
myself. Oh well.

In any case, the order of the rules and perhaps a listing would be helpful.

-----Message d'origine-----
De : Jim Harrison [mailto:Jim@xxxxxxxxxxxx] 
Envoyé : 4 janvier 2006 17:17
À : [ISAserver.org Discussion List]
Objet : [isalist] RE: SSH ISA2004

http://www.ISAserver.org

Not true; ISA includes a protocol definition for SSH. 


-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org
   Read the help / books / articles!
-------------------------------------------------------
 

-----Original Message-----
From: Alexandre Gauthier [mailto:gauthiera@xxxxxxxxxxxxxxxxx] 
Sent: Wednesday, January 04, 2006 13:20
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: SSH ISA2004

http://www.ISAserver.org

By protocol definition rule I mean that there is no protocol definition
provided with ISA. You need to create one for TCP port 22.

And well, check the order of your rules, perhaps...?

-----Message d'origine-----
De : Derek Scott [mailto:dscott@xxxxxxxxxx] Envoyé : 4 janvier 2006 12:37
À : [ISAserver.org Discussion List] Objet : [isalist] RE: SSH ISA2004

http://www.ISAserver.org

A protocol defentiton rule?  An access rule?  The monitor is running, and it
states it was denied by the default rule, which leads me to believe that it
is not recognizing that rule for some reason.

Thank you

Derek 


> Sorry, replying to my self is bad practice, but I realize it was kinda 
> = silly not to include a potential solution.
> 
> Henceforth:
> 
> Just create a protocol definition rule for SSH (TCP, Port 22 incoming, 
> = no secondary connections), then apply the configuration.
> 
> Also run a monitor query to see if something is denied when you 
> attempt connection, this will give you a wealth of information.
> 
> Tsk tsk, such an underrated feature.
> 
> -----Message d'origine-----
> De=A0: Alexandre Gauthier [mailto:gauthiera@xxxxxxxxxxxxxxxxx]=20
> Envoy=E9=A0: 4 janvier 2006 11:13
> =C0=A0: [ISAserver.org Discussion List]
> Objet=A0: [isalist] RE: SSH ISA2004
> 
> http://www.ISAserver.org
> 
> Let me get this straight -- you are trying to publish (allow "outside"
> access to an host behind ISA on the "inside") an SSH server, not allow 
> = the people inside to SSH out, right?
> 
> -----Message d'origine-----
> De=A0: Derek Scott [mailto:dscott@xxxxxxxxxx]=20
> Envoy=E9=A0: 4 janvier 2006 10:56
> =C0=A0: [ISAserver.org Discussion List]
> Objet=A0: [isalist] SSH ISA2004
> 
> http://www.ISAserver.org
> 
> Hello,
> 
> I am trying to enable SSH connections via my ISA2004 server.  I have 
> created an access rul for this protocol, and also a server publishing 
> rule. In the logs on the ISA server I am getting denied connection at 
> = the defualt rule.  So it appears it is not getting or "seeing" the 
> selected rules?
> 
> Any suggestions
> 
> Derek Scott
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=3DFAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> gauthiera@xxxxxxxxxxxxxxxxx
> To unsubscribe visit =
> http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=3DFAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> gauthiera@xxxxxxxxxxxxxxxxx
> To unsubscribe visit =
> http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
gauthiera@xxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

All mail to and from this domain is GFI-scanned.


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
gauthiera@xxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 01-2006