Jason attached ISASINFO regarding 403
Report created by IsaInfo version 1.4 System Date and Time: 1/8/2003 10:55:32 AM **************************************************************** COMPUTER PROPERTIES **************************************************************** Server Name : HQ-SYS-PX-02 Server FQDN : hq-sys-px-02.abchome.com ISA Version : 3.0.1200.235 SP1 FP1 Created : 12/16/2002 4:37:42 PM Intra Array Address : 190.100.100.67 Load Factor : 100 **************************************************************** INSTALLED HOTFIXES **************************************************************** Error reading Hotfixes.. Service Pack Information ======================== Service Pack Number : 1 Service Pack Version : 166 Service Pack Files : browser.map,bwserver.dll,dailysum.exe,fltrsnk1.dll,ftpfltr.dll,gkadm.dll,gksvc.dll,h323asn1.dll,h323fltr.dll,h323snap.dll,hfperf.dll,httpadm.dll,httpfltr.dll,issdnsad.dll,issfltr.dll,latui.dll,msfpc.dll,msfpccom.dll,msfpcsnp.dll,msfpcui.dll,mspadmin.exe,mspapi.dll,mspfltex.sys,msphlpr.dll,mspmsg.dll,mspnat.sys,os.map,prxatq.dll,repgen.exe,repsnap.dll,rpcfltr.dll,rws32.dll,smtpcred.exe,smtpfadm.dll,smtpfltr.dll,socksadm.dll,socksflt.dll,stpext32.dll,stpsrvex.dll,strmadmn.dll,strmfltr.dll,sumgen.dll,vps2.dll,w3prefch.exe,w3proxy.exe,wspcpl32.cpl,wspsrv.exe,wspwsp.dll Installation Date : Tue Jan 07 13:16:11 2003 KB Articles : Q313249 **************************************************************** SERVER / ARRAY PROPERTIES **************************************************************** Server Name : HQ-SYS-PX-02 Created : 12/16/2002 4:37:42 PM Type : Standard Edition Outgoing Web Requests Use the same listener configuration for all internal IP Addresses : True Server Name : HQ-SYS-PX-02 Use basic with domain : TCP Port : 8080 SSL Port : 0 Number of connections : Unlimited Connection Timeout (seconds) : 120 Ask unauthenticated users for identification : False Resolve requests in array before routing : True Incoming Web Requests Configure listeners individually by IP Address: True Server Name : HQ-SYS-PX-02 IP Address : 12.98.169.27 Authentication : Use basic with domain : abchome.com TCP Port : 80 SSL Port : 0 Number of connections : Unlimited Connection Timeout (seconds) : 120 Ask unauthenticated users for identification : False Resolve requests in array before routing : False Pulish automatic discovery infomation : False **************************************************************** ALERTS **************************************************************** Server Name : HQ-SYS-PX-02 Alert Name : Service shutdown Description : The service was stopped gracefully. Active Since : 1/8/2003 9:11:08 AM Alert Name : Service started Description : Service started. Active Since : 1/8/2003 8:35:42 AM **************************************************************** SERVICES **************************************************************** Server Name : HQ-SYS-PX-02 Web Proxy Service : Status : Running Sessions : 0 Uptime : 4064 seconds Firewall Service : Status : Running Sessions : 1 Uptime : 4061 seconds Scheduled Content Download Service : **************************************************************** SITE AND CONTENT RULES **************************************************************** Site and Content Rule Name : Allow rule Enabled : True Rule Applies to : All Destinations Access to the specified destinations : Allowed Rule Applies to : Any Request Rule Applies to : All Content Types **************************************************************** PROTOCOL RULES **************************************************************** Protocol Rule Name : ABCInternet Enabled : False Action taken with requests : Allow Rule applies to : Selected Protocols Protocols : Any RPC Server , Archie , Chargen(TCP) , Chargen(UDP) , Daytime(TCP) , Daytime(UDP) , Discard(TCP) , Discard(UDP) , DNS Query , DNS Query Server , DNS Zone Transfer , DNS Zone Transfer Server , Echo (TCP) , Echo (UDP) , Exchange RPC Server , Finger , FTP , FTP Download only , FTP Server , Gopher , H.323 Protocol , HTTP , HTTPS , HTTPS Server , ICA , ICQ , ICQ 2000 , Ident , IMAP4 , IMAP4 Server , IMAPS , IMAPS Server , IRC , Kerberos-Adm(TCP) , Kerberos-Adm(UDP) , Kerberos-IV , Kerberos-Sec(TCP) , Kerberos-Sec(UDP) , LDAP , LDAP GC (Global Catalog) , LDAPS , LDAPS GC (Global Catalog) , Microsoft SQL Server , MMS - Windows Media , MMS - Windows Media Server , MSN , MSN Messenger , Net2Phone , Net2Phone registration , NetBios Datagram , NetBios Name Service , NetBios Session , NNTP , NNTP Server , NNTPS , NNTPS Server , NTP (UDP) , PNM - RealNetworks protocol (Client) , PNM - RealNetworks protocol (Server) , POP2 , POP3 , POP3 Server , POP3S , POP3S Server , Quote (TCP) , Quote (UDP) , RADIUS , RADIUS Accounting , RDP (Terminal Services) , RIP , Rlogin , RTSP , RTSP Server , SMTP , SMTP Server , SMTPS , SMTPS Server , SNMP , SNMP Trap , SSH , Telnet , Telnet Server , TFTP , Time (TCP) , Time (UDP) , WhoIs , Rule Applies to : Specified Client Set Client Set Specified : LocalSet , Protocol Rule Name : ABCIntranet Enabled : True Action taken with requests : Allow Rule applies to : All IP Traffic Rule Applies to : Any Request **************************************************************** IP PACKET FILTERS **************************************************************** Enable Packet Filtering : False PPTP though ISA firewall : True Packet Filter Name : DHCP Client Enabled : False Filter Mode : Allow Filter Type : Custom Protocol : UDP Direction : Inbound and Outbound Local Port : 68 Remote Port : 67 Local Computer Filter Applies to this IP : 0.0.0.0 Remote Computer Filter Applies to : All Remote Computers Packet Filter Name : DNS filter Enabled : True Filter Mode : Allow Predefined Filter : DNS Lookup Local Computer Filter Applies to : Default External IP Remote Computer Filter Applies to : All Remote Computers Packet Filter Name : ICMP outbound Enabled : True Filter Mode : Allow Predefined Filter : ICMP all outbound Local Computer Filter Applies to : Default External IP Remote Computer Filter Applies to : All Remote Computers Packet Filter Name : ICMP ping response (in) Enabled : True Filter Mode : Allow Predefined Filter : ICMP ping response Local Computer Filter Applies to : Default External IP Remote Computer Filter Applies to : All Remote Computers Packet Filter Name : ICMP source quench Enabled : True Filter Mode : Allow Predefined Filter : ICMP source quench Local Computer Filter Applies to : Default External IP Remote Computer Filter Applies to : All Remote Computers Packet Filter Name : ICMP timeout in Enabled : True Filter Mode : Allow Predefined Filter : ICMP timeout Local Computer Filter Applies to : Default External IP Remote Computer Filter Applies to : All Remote Computers Packet Filter Name : ICMP unreachable in Enabled : True Filter Mode : Allow Predefined Filter : ICMP unreachable Local Computer Filter Applies to : Default External IP Remote Computer Filter Applies to : All Remote Computers Packet Filter Name : SecureNAT PPTP Enabled : True Filter Mode : Allow Predefined Filter : PPTP call Local Computer Filter Applies to : Default External IP Remote Computer Filter Applies to : All Remote Computers **************************************************************** WEB PUBLISHING RULES **************************************************************** Web Publishing Rule Name : OWA Access Rule Enabled : True Rule Applies to : Selected Destination Set Destination Set Used : OWA Action : Redirect to hq-sys-ex-01 Send Original Host Header : False HTTP Redirect Port : 80 SSL Redirect Port : 443 FTP Redirect Port : 21 Redirect HTTP requests as : HTTP Requests Redirect SSL requests as : SSL Requests Require SSL for Published Site : False Rule Applies to : Any Request Web Publishing Rule Name : Default rule Enabled : True Rule Applies to : All Destinations Action : Discard the request Redirect HTTP requests as : HTTP Requests Redirect SSL requests as : HTTP Requests Require SSL for Published Site : False Rule Applies to : Any Request **************************************************************** SERVER PUBLISHING RULES **************************************************************** Server Publishing Rule Name : Mail wizard rule - Exchange RPC Server. Published IP: 12.98.169.27 Description : HQ-SYS-EX-01 Enabled : True IP Address of Internal Server : 190.100.30.2 External IP Address on ISA Server : 12.98.169.27 Protocol Used : Exchange RPC Server Primary Port Used by Protocol : 135 Rule Applies to : Any Request **************************************************************** BANDWIDTH RULES **************************************************************** Enable Bandwidth Control : False BandWidth Rule Name : Default rule Enabled : True Rule applies to : All IP Traffic Rule Applies to : All Destinations Rule Applies to : Any Request Rule Applies to : All Content Types BandWidthPriority : Default bandwidth priority * schedule deleted by jay due to e-mail size requirement BANDWIDTH PRIORITIES **************************************************************** BandWidth Priority Name : Default bandwidth priority Outbound Bandwidth : 100 Inbound Bandwidth : 100 **************************************************************** DESTINATION SETS **************************************************************** Destination Set Name : OWA Description : Inbound OWA SingleIP: 190.100.30.2 Path: /public/* SingleIP: 190.100.30.2 Path: /exchange/* SingleIP: 190.100.30.2 Path: /exchweb/* **************************************************************** CLIENT ADDRESS SETS **************************************************************** Client Address Set Name : LocalSet Description : HQ IP Range : 190.100.0.1 - 190.100.255.255 * **************************************************************** Server Name : HQ-SYS-PX-02 Total Current Cache Size (MB) : 0 Total Disk Size (MB) : 38161 Total Free Space (MB) : 34560 Name : C: Files System : NTFS Current Cache (MB) : 0 Disk Size (MB) : 38161 Disk Free Space (MB) : 34560 **************************************************************** APPLICATION FILTERS **************************************************************** Application Filter Name : SMTP Filter Description : Filters SMTP traffic Enabled : True Application Filter Name : SOCKS V4 Filter Description : Enables SOCKS 4 communication Enabled : True Application Filter Name : Streaming Media Filter Description : Enables streaming protocols Enabled : True Application Filter Name : HTTP Redirector Filter Description : Redirects requests from Firewall and SecureNAT clients to the Web Proxy service Enabled : True Application Filter Name : FTP Access Filter Description : Enables FTP protocols (client and server) Enabled : True Application Filter Name : DNS intrusion detection filter Description : Intercepts and analyzes DNS traffic destined for the internal network Enabled : True Application Filter Name : POP intrusion detection filter Description : Checks for POP buffer overflow attacks Enabled : True Application Filter Name : RPC Filter Description : Enables publishing of RPC servers Enabled : True Application Filter Name : H.323 Filter Description : Microsoft H.323 filter Enabled : True **************************************************************** WEB FILTERS **************************************************************** Web Filter Name : Link Translator Filter Description : Enables use of link translation dictionaries Enabled : False Order : 1 Vendor : Microsoft **************************************************************** NETWORK CONFIGURATION **************************************************************** To route requests to upstream servers : Use Primary Connection **************************************************************** ROUTING RULES **************************************************************** Routing Rule Name : Default rule Enabled : True Order : 1 Rule Applies to : All Destinations Process Requests by : Retrieving them directly from the specified destination Use DialUp Entry for Primary Route : False Use DialUp Entry for Backup Route : False Search cache for : A valid version of the object, retrieve if necessary Cache Content : If source and request headers indicate to cache Redirect HTTP requests as : HTTP Requests Redirect SSL requests as : HTTP Requests Require SSL for Published Site : False **************************************************************** LAT **************************************************************** Description : None From : 10.0.0.0 To : 10.255.255.255 Description : None From : 169.254.0.0 To : 169.254.255.255 Description : None From : 172.16.0.0 To : 172.31.255.255 Description : None From : 190.100.0.0 To : 190.100.255.255 Description : None From : 192.168.0.0 To : 192.168.255.255 **************************************************************** LDT **************************************************************** **************************************************************** FIREWALL CLIENT CONFIGURATION **************************************************************** Clients Connect to ISA Server by DNS Name : HQ-SYS-PX-02 Enable ISA Firewall automatic discovery in Firewall Client : False Firewall Client Application Settings: [exchng32] - Disable: 0 [icq] - RemoteBindUdpPorts: 0 - ServerBindTcpPorts: 0,1025-5000 - NameResolutionForLocalHost: P [inetinfo] - Disable: 1 [kernel32] - Disable: 1 [lsass] - Disable: 1 [mapisp32] - Disable: 0 [net2fone] - ServerBindTcpPorts: 0 [outlook] - Disable: 0 [raplayer] - RemoteBindUdpPorts: 6970-7170 - LocalBindTcpPorts: 7070 [realplay] - RemoteBindUdpPorts: 6970-7170 - LocalBindTcpPorts: 7070 [rpcss] - Disable: 1 [rvplayer] - RemoteBindUdpPorts: 6970-7170 - LocalBindTcpPorts: 7070 [services] - Disable: 1 [spoolss] - Disable: 1 [svchost] - Disable: 1 [w3proxy] - Disable: 1 [winlogon] - Disable: 1 [wspsrv] - Disable: 1 **************************************************************** WEB BROWSER CONFIGURATION **************************************************************** Configure web browser during firewall client setup : True DNS Name : HQ-SYS-PX-02 Automatically discover settings : False Bypass proxy for local servers : True Directly access computers specified in the LDT : True Directly access these servers or domains : If ISA Server is unavailabe, use backup route : False **************************************************************** GATEKEEPER CONFIGURATION **************************************************************** DESTINATIONS ============ PHONE NUMBER RULES ================== Name : Local Enabled : True Description : All aliases are resolved using the local registration database Prefix or Phone Number : Route all phone numbers using this prefix : True Metric : 1 Destination Type : Registration Database EMAIL ADDRESS RULES =================== Name : Local Enabled : True Description : All aliases are resolved using the local registration database DNS Domain Name : Route all e-mail addresses using this DNS Domain Name : True Metric : 1 Destination Type : Registration Database IP ADDRESS RULES ================ Name : Class A Enabled : True Description : No address translation is performed IP Address : 0.0.0.0/1 Metric : 1 Destination Type : Local Network Name : Class B Enabled : True Description : No address translation is performed IP Address : 128.0.0.0/2 Metric : 1 Destination Type : Local Network Name : Class C Enabled : True Description : No address translation is performed IP Address : 192.0.0.0/3 Metric : 1 Destination Type : Local Network **************************************************************** ENTERPRISE CONFIGURATION **************************************************************** This is not an Enterprise Array. * System Log Events ================= **************************************************************** NETWORK INFORMATION **************************************************************** IPCONFIG /ALL ============= Windows 2000 IP Configuration Host Name . . . . . . . . . . . . : hq-sys-px-02 Primary DNS Suffix . . . . . . . : abchome.com Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : abchome.com Ethernet adapter Internet Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : 3Com EtherLink XL 10/100 PCI For Complete PC Management NIC (3C905C-TX) #2 Physical Address. . . . . . . . . : 00-01-03-E9-2F-0E DHCP Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : 12.98.169.27 Subnet Mask . . . . . . . . . . . : 255.255.255.248 Default Gateway . . . . . . . . . : 12.98.169.25 DNS Servers . . . . . . . . . . . : 12.127.17.71 12.127.16.67 NetBIOS over Tcpip. . . . . . . . : Disabled Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Intel(R) PRO/100 VM Network Connection Physical Address. . . . . . . . . : 00-08-02-BE-A3-AC DHCP Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : 190.100.100.67 Subnet Mask . . . . . . . . . . . : 255.255.0.0 Default Gateway . . . . . . . . . : DNS Servers . . . . . . . . . . . : 190.100.100.48 NetBIOS over Tcpip. . . . . . . . : Disabled ROUTE PRINT =========== =========================================================================== Interface List 0x1 ........................... MS TCP Loopback interface 0x1000003 ...00 08 02 be a3 ac ...... Intel 8255x-based Integrated Fast Ethernet (Microsoft's Packet Scheduler) 0x1000004 ...00 01 03 e9 2f 0e ...... 3Com EtherLink PCI (Microsoft's Packet Scheduler) =========================================================================== =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 12.98.169.25 12.98.169.27 1 12.98.169.24 255.255.255.248 12.98.169.27 12.98.169.27 1 12.98.169.27 255.255.255.255 127.0.0.1 127.0.0.1 1 12.255.255.255 255.255.255.255 12.98.169.27 12.98.169.27 1 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 190.100.0.0 255.255.0.0 190.100.100.67 190.100.100.67 1 190.100.100.67 255.255.255.255 127.0.0.1 127.0.0.1 1 190.100.255.255 255.255.255.255 190.100.100.67 190.100.100.67 1 224.0.0.0 224.0.0.0 12.98.169.27 12.98.169.27 1 224.0.0.0 224.0.0.0 190.100.100.67 190.100.100.67 1 255.255.255.255 255.255.255.255 190.100.100.67 190.100.100.67 1 Default Gateway: 12.98.169.25 =========================================================================== Persistent Routes: None