RE: Sonicwall Pro 3060 / ISA 2004 / Remote Desktop Query

  • From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Tue, 9 Aug 2005 05:45:31 -0500

Hi Jules,

Are the connections making it to the ISA firewall?

Are the internal and external addresses on the sonicwall on different
network IDs? Did your ISP assign you public (WAN) and LAN addresses for
your sonicwall?

Thanks!

Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls

 

> -----Original Message-----
> From: Julian Wilkinson [mailto:jules@xxxxxxxxxxxxxx] 
> Sent: Tuesday, August 09, 2005 5:29 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Sonicwall Pro 3060 / ISA 2004 / Remote 
> Desktop Query
> 
> http://www.ISAserver.org
> 
> 
> Right, looking into the logs reveals just about nothing...
> 
> I'm using Kiwi Syslog - and all I get is "connection opened" and then
> "connection closed".
> 
> Maybe I'm looking in the wrong place - but it's not revealing 
> anything?
> 
> I get (for instance) :
> 2005-08-09 11:25:16   Local0.Info     212.219.123.7   id=firewall
> sn=0006B10CEA60 time="2005-08-09 11:20:34" fw=212.219.123.7  
> pri=6 c=262144
> m=98 msg="Connection Opened" n=798 src=80.229.170.247:4132:WAN
> dst=212.219.123.71:3389:LAN proto=tcp/3389
> 2005-08-09 11:25:16   Local0.Info     212.219.123.7   id=firewall
> sn=0006B10CEA60 time="2005-08-09 11:20:34" fw=212.219.123.7  
> pri=6 c=1024
> m=537 msg="Connection Closed" n=318 src=80.229.170.247:4132:WAN
> dst=212.219.123.71:3389:LAN proto=tcp/3389 sent=94 rcvd=48
> 
> (Goodness knows if that is any use!)
> 
> The Sonicwall logs accessible from the firewall web interface 
> don't reveal
> anything (I've told the firewall to log when rules are used, 
> and I presume
> that that is what is getting sent to the Kiwi syslogger).
> 
> Still coming up with the same error...
> 
> I've checked the Sonicwall forum and when you search for 
> these issues you
> get a whole load of VPN as an answer... 
> 
> Is that what it might have to be for us to?
> 
> Cheers
> 
> Jules
> 
> -----Original Message-----
> From: Julian Wilkinson [mailto:jules@xxxxxxxxxxxxxx] 
> Sent: 08 August 2005 23:37
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Sonicwall Pro 3060 / ISA 2004 / Remote 
> Desktop Query
> 
> http://www.ISAserver.org
> 
> Will do that for you tomorrow morning (the logs) - The last 
> time I checked
> the RDP packets were just getting dropped. (I don't recall 
> any more specific
> information from that).
> 
> The IP ranges - 
> Sonicwall 212.219.123.7 WAN interface.
> Going to ISA 2004 on 212.219.123.4 (Both class C's) (and also 
> various other
> IP address' for the published webservers and also Remote 
> Desktop machines)
> Then going to a 10.10.0.2 on the internal (on a class B subnet)
> Various machines being on 10.10.1.x 
> I've published the machines to specific 212.219.123.x IP's 
> (we have a full
> class C for our disposal).
> 
> Nothing fruity with the ports as of yet! Just standard 3389.
> 
> Anything else? Or more specifics??
> 
> Cheers
> 
> Jules
> 
> (BTW - Is every one else getting 2 copies of every email?)
> 
> -----Original Message-----
> From: Greg Mulholland [mailto:greg@xxxxxxxxxxxxxx] 
> Sent: 08 August 2005 22:41
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Sonicwall Pro 3060 / ISA 2004 / Remote 
> Desktop Query
> 
> http://www.ISAserver.org
> 
> So if you run the logs on the sonicwall and on the ISA server, can you
> see where the incoming rdp connection breaks. Van we have a 
> breakdown of
> the ip ranges on the sonicwall and isa interfaces.. 
> 
> -----Original Message-----
> From: Julian Wilkinson [mailto:jules@xxxxxxxxxxxxxx] 
> Sent: Tuesday, August 09, 2005 3:54 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Sonicwall Pro 3060 / ISA 2004 / Remote 
> Desktop Query
> 
> http://www.ISAserver.org
> 
> Hello, 
> 
> I've just been tasked with setting up my works firewall setup...
> 
> However, all is going mostly swimmingly - But I've hit a stumbling
> block.
> 
> We have a requirement for Remote Desktop access for some 
> users from the
> outside in - and I can't get it to bridge across the two firewalls.
> 
> The setup is that the Sonicwall is on the outside edge, and the ISA
> server plugged into the WAN port of the Sonicwall.
> 
> ISA is doing some access rules, website publishing and proxying, the
> Sonicwall content filtering and provision of a DMZ (and usual edge
> firewall duties).
> 
> I can't seem to get the Remote Desktop connection to bridge 
> over the two
> servers.
> 
> I can get Remote Desktop in "over the edge" or through ISA server
> publishing, but I can't get a connection from the outside to jump both
> hurdles.
> 
> Has anyone done this? Can this be done?
> 
> I know there is a connection being made as I get a connection error of
> "The Client could not establish a connection to the remote 
> computer The
> most likely causes for this error are :
> 1) Remote connections might not be enabled at the remote computer
> (They
> are - I've tested it from the "space between" the Sonicwall and ISA)
> 2) The maximum number of connections was exceeded at the 
> remote computer
> (not true)
> 3) A network error occurred while establishing the 
> connection"  (True -
> At a
> guess!)
> 
> The interesting side effect of this is that I have to soft restart the
> sonicwall after this before it will then accept further Remote Desktop
> connections even to the perimeter.
> 
> So -
> Anything I am doing wrong? Anything I am missing? 
> 
> (And I'll get on to my issue of Exchange front end / back ends and the
> same setup later, but I'm getting in the ear / neck too much with this
> problem
> first!)
> 
> Help!
> 
> Cheers
> 
> Jules W.
> 
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> greg@xxxxxxxxxxxxxx To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> jules@xxxxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> jules@xxxxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion 
> List as: tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> 


Other related posts: