RE: SecureNAT restrictions?

• From: "Koie Smith" <ksmith@xxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Thu, 28 Aug 2003 12:41:45 -0500

Well i setup in the firewall client the common configuration and also added RPD 
3389, reinstalled the firewall client on my machine just incase and tried to 
Remote Desktop into one of the networks i've vpn'ed into and still no luck.

Koie

-----Original Message-----
From: Koie Smith 
Sent: Thursday, August 28, 2003 11:47 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: SecureNAT restrictions?


http://www.ISAserver.org


Ok, my ISA was already configured that way except for the the checkmark in do 
not use recursion, i enabled that and created the TCP packet filter for DNS, 
still my connection to the sql server will not work. When the firewall client 
is enabled, is it by default supplying a proxy in the background to the 
applications? Would enabling a proxy in my program work you think for 
secureNAT? It currently doesnt support using proxy but i could recode it to 
have that support.

Koie Smith
Nex-Tek, Inc.
Technical Support Team 

-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx]
Sent: Thursday, August 28, 2003 11:27 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: SecureNAT restrictions?


http://www.ISAserver.org


Hi Koie,

Here's another fishing pole :-)

http://www.isaserver.org/articles/snatdns.html

HTH,
Tom

Thomas W Shinder
www.isaserver.org/shinder 
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp

 


-----Original Message-----
From: Koie Smith [mailto:ksmith@xxxxxxxxxxxxxx] 
Sent: Thursday, August 28, 2003 11:09 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: SecureNAT restrictions?


http://www.ISAserver.org


After reading the article, it still doesn't make sense to me that if i'm
running as SecureNAT, I can't connect to my sql server across the
internet. I think if i was running the firewall client and configured it
to allow VPN/RemoteDesktop/Etc then it would probably work. Did i
misread something?

Koie Smith
Nex-Tek, Inc.
Technical Support Team 

-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx]
Sent: Thursday, August 28, 2003 10:49 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: SecureNAT restrictions?


http://www.ISAserver.org


Hi Koie,

Here's a fishing pole :-)

http://www.isaserver.org/tutorials/ISA_Clients__Part_3_The_Firewall_Clie
nt.html

HTH,
Tom

Thomas W Shinder
www.isaserver.org/shinder 
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp

 


-----Original Message-----
From: Koie Smith [mailto:ksmith@xxxxxxxxxxxxxx] 
Sent: Thursday, August 28, 2003 10:36 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: SecureNAT restrictions?


http://www.ISAserver.org


Then why the difference in being able to connect to different resources
when enabled vs disabled?

Koie

-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx]
Sent: Thursday, August 28, 2003 10:36 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: SecureNAT restrictions?


http://www.ISAserver.org


Hi Koie,

Not true. Protocol Rule apply to Web Proxy, Firewall and SecureNAT
clients. They are applied to all LAT to non-LAT communications.

HTH,
Tom

Thomas W Shinder
www.isaserver.org/shinder 
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp

 


-----Original Message-----
From: Koie Smith [mailto:ksmith@xxxxxxxxxxxxxx] 
Sent: Thursday, August 28, 2003 10:24 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] SecureNAT restrictions?


http://www.ISAserver.org


I've come to the conclusion that the protocol rules in ISA only work if
the machine is running the firewall client, and probably many of you
knew that already if it is true. My testing revealed if i create a
destination set for my internal network. Then make a protocol rule to
allow all ports and have the firewall client enabled, then i can connect
out over the internet to a sql server i'm needing to contact. If i
disable the firewall client then I cannot connect to it anymore. Here
lies my problem, I do alot of VPN'ing to client networks, and upon doing
so, I am not able to pcAnywhere or Remote Desktop into any of their
machines including the server i just VPN'ed into. Any ideas? How can i
unlock everything from the inside for an internal client without having
to install the firewall client? 

Thanks,
Koie Smith
Nex-Tek, Inc.
Technical Support Team 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
ksmith@xxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
ksmith@xxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
ksmith@xxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
ksmith@xxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » SecureNAT restrictions?
• » RE: SecureNAT restrictions?
• » RE: SecureNAT restrictions?
• » RE: SecureNAT restrictions?
• » RE: SecureNAT restrictions?
• » RE: SecureNAT restrictions?
• » RE: SecureNAT restrictions?
• » RE: SecureNAT restrictions?
• » RE: SecureNAT restrictions?
• » RE: SecureNAT restrictions?
• » RE: SecureNAT restrictions?
• » RE: SecureNAT restrictions?
• » RE: SecureNAT restrictions?

1. Home
2. isalist
3. Archive
4. 08-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---