RE: Step by step ISA/E2K configuration

  • From: "Jay Apolinario" <japolinario@xxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 8 Jan 2003 13:53:45 -0500

Jason, attached is ISAInfo regarding 403.


Report created by IsaInfo version 1.4
System Date and Time: 1/8/2003 10:55:32 AM
****************************************************************
COMPUTER PROPERTIES
****************************************************************
Server Name : HQ-SYS-PX-02

        Server FQDN : hq-sys-px-02.abchome.com
        ISA Version : 3.0.1200.235 SP1 FP1
        Created : 12/16/2002 4:37:42 PM
        Intra Array Address : 190.100.100.67
        Load Factor : 100

****************************************************************
INSTALLED HOTFIXES
****************************************************************
Error  reading Hotfixes..

Service Pack Information
========================

Service Pack Number : 1
Service Pack Version : 166
Service Pack Files : 
browser.map,bwserver.dll,dailysum.exe,fltrsnk1.dll,ftpfltr.dll,gkadm.dll,gksvc.dll,h323asn1.dll,h323fltr.dll,h323snap.dll,hfperf.dll,httpadm.dll,httpfltr.dll,issdnsad.dll,issfltr.dll,latui.dll,msfpc.dll,msfpccom.dll,msfpcsnp.dll,msfpcui.dll,mspadmin.exe,mspapi.dll,mspfltex.sys,msphlpr.dll,mspmsg.dll,mspnat.sys,os.map,prxatq.dll,repgen.exe,repsnap.dll,rpcfltr.dll,rws32.dll,smtpcred.exe,smtpfadm.dll,smtpfltr.dll,socksadm.dll,socksflt.dll,stpext32.dll,stpsrvex.dll,strmadmn.dll,strmfltr.dll,sumgen.dll,vps2.dll,w3prefch.exe,w3proxy.exe,wspcpl32.cpl,wspsrv.exe,wspwsp.dll

Installation Date : Tue Jan 07 13:16:11 2003
KB Articles : Q313249
****************************************************************
SERVER / ARRAY PROPERTIES
****************************************************************
Server Name : HQ-SYS-PX-02
Created : 12/16/2002 4:37:42 PM
Type : Standard Edition

Outgoing Web Requests

   Use the same listener configuration for all internal IP Addresses : True
   Server Name : HQ-SYS-PX-02
        Use basic with domain : 

   TCP Port : 8080
   SSL Port : 0
   Number of connections : Unlimited
   Connection Timeout (seconds) : 120
   Ask unauthenticated users for identification : False
   Resolve requests in array before routing : True

Incoming Web Requests

  Configure listeners individually by IP Address: True
   Server Name : HQ-SYS-PX-02
        IP Address : 12.98.169.27
          Authentication : 
                Use basic with domain : abchome.com

   TCP Port : 80
   SSL Port : 0
   Number of connections : Unlimited
   Connection Timeout (seconds) : 120
   Ask unauthenticated users for identification : False
   Resolve requests in array before routing : False

Pulish automatic discovery infomation : False
****************************************************************
ALERTS
****************************************************************
Server Name : HQ-SYS-PX-02

  Alert Name : Service shutdown
        Description : The service was stopped gracefully.
        Active Since : 1/8/2003 9:11:08 AM

  Alert Name : Service started
        Description : Service started.
        Active Since : 1/8/2003 8:35:42 AM

****************************************************************
SERVICES
****************************************************************
Server Name : HQ-SYS-PX-02

   Web Proxy Service : 
        Status : Running
        Sessions : 0
        Uptime : 4064 seconds

   Firewall Service : 
        Status : Running
        Sessions : 1
        Uptime : 4061 seconds

   Scheduled Content Download Service : 
****************************************************************
SITE AND CONTENT RULES
****************************************************************
Site and Content Rule Name : Allow rule

        Enabled : True
        Rule Applies to : All Destinations
        Access to the specified destinations : Allowed
        Rule Applies to : Any Request
        Rule Applies to : All Content Types

****************************************************************
PROTOCOL RULES
****************************************************************
Protocol Rule Name : ABCInternet

        Enabled : False
        Action taken with requests : Allow
        Rule applies to : Selected Protocols
        Protocols : Any RPC Server , Archie , Chargen(TCP) , Chargen(UDP) , Daytime(TCP) , Daytime(UDP) , Discard(TCP) , Discard(UDP) , DNS Query , DNS Query Server , DNS Zone Transfer , DNS Zone Transfer Server , Echo (TCP) , Echo (UDP) , Exchange RPC Server , Finger , FTP , FTP Download only , FTP Server , Gopher , H.323 Protocol , HTTP , HTTPS , HTTPS Server , ICA , ICQ , ICQ 2000 , Ident , IMAP4 , IMAP4 Server , IMAPS , IMAPS Server , IRC , Kerberos-Adm(TCP) , Kerberos-Adm(UDP) , Kerberos-IV , Kerberos-Sec(TCP) , Kerberos-Sec(UDP) , LDAP , LDAP GC (Global Catalog) , LDAPS , LDAPS GC (Global Catalog) , Microsoft SQL Server , MMS - Windows Media , MMS - Windows Media Server , MSN , MSN Messenger , Net2Phone , Net2Phone registration , NetBios Datagram , NetBios Name Service , NetBios Session , NNTP , NNTP Server , NNTPS , NNTPS Server , NTP (UDP) , PNM - RealNetworks protocol (Client) , PNM - RealNetworks protocol (Server) , POP2 , POP3 , POP3 Server , POP3S , POP3S Server , Quote (TCP) , Quote (UDP) , RADIUS , RADIUS Accounting , RDP (Terminal Services) , RIP , Rlogin , RTSP , RTSP Server , SMTP , SMTP Server , SMTPS , SMTPS Server , SNMP , SNMP Trap , SSH , Telnet , Telnet Server , TFTP , Time (TCP) , Time (UDP) , WhoIs , 
        Rule Applies to : Specified Client Set
        Client Set Specified : LocalSet , 

Protocol Rule Name : ABCIntranet

        Enabled : True
        Action taken with requests : Allow
        Rule applies to : All IP Traffic
        Rule Applies to : Any Request

****************************************************************
IP PACKET FILTERS
****************************************************************
Enable Packet Filtering : False

PPTP though ISA firewall : True

Packet Filter Name : DHCP Client

        Enabled : False
        Filter Mode : Allow
        Filter Type : Custom
        Protocol : UDP
        Direction : Inbound and Outbound
        Local Port : 68
        Remote Port : 67
        Local Computer Filter Applies to this IP : 0.0.0.0
        Remote Computer Filter Applies to : All Remote Computers

Packet Filter Name : DNS filter

        Enabled : True
        Filter Mode : Allow
        Predefined Filter : DNS Lookup
        Local Computer Filter Applies to : Default External IP
        Remote Computer Filter Applies to : All Remote Computers

Packet Filter Name : ICMP outbound

        Enabled : True
        Filter Mode : Allow
        Predefined Filter : ICMP all outbound
        Local Computer Filter Applies to : Default External IP
        Remote Computer Filter Applies to : All Remote Computers

Packet Filter Name : ICMP ping response (in)

        Enabled : True
        Filter Mode : Allow
        Predefined Filter : ICMP ping response
        Local Computer Filter Applies to : Default External IP
        Remote Computer Filter Applies to : All Remote Computers

Packet Filter Name : ICMP source quench

        Enabled : True
        Filter Mode : Allow
        Predefined Filter : ICMP source quench
        Local Computer Filter Applies to : Default External IP
        Remote Computer Filter Applies to : All Remote Computers

Packet Filter Name : ICMP timeout in

        Enabled : True
        Filter Mode : Allow
        Predefined Filter : ICMP timeout
        Local Computer Filter Applies to : Default External IP
        Remote Computer Filter Applies to : All Remote Computers

Packet Filter Name : ICMP unreachable in

        Enabled : True
        Filter Mode : Allow
        Predefined Filter : ICMP unreachable
        Local Computer Filter Applies to : Default External IP
        Remote Computer Filter Applies to : All Remote Computers

Packet Filter Name : SecureNAT PPTP

        Enabled : True
        Filter Mode : Allow
        Predefined Filter : PPTP call
        Local Computer Filter Applies to : Default External IP
        Remote Computer Filter Applies to : All Remote Computers

****************************************************************
WEB PUBLISHING RULES
****************************************************************
Web Publishing Rule Name : OWA Access Rule

        Enabled : True
        Rule Applies to : Selected Destination Set
        Destination Set Used : OWA
        Action : Redirect to hq-sys-ex-01
          Send Original Host Header : False
          HTTP Redirect Port : 80
          SSL Redirect Port : 443
          FTP Redirect Port : 21
        Redirect HTTP requests as : HTTP Requests
        Redirect SSL requests as : SSL Requests
        Require SSL for Published Site : False
        Rule Applies to : Any Request

Web Publishing Rule Name : Default rule

        Enabled : True
        Rule Applies to : All Destinations
        Action : Discard the request
        Redirect HTTP requests as : HTTP Requests
        Redirect SSL requests as : HTTP Requests
        Require SSL for Published Site : False
        Rule Applies to : Any Request

****************************************************************
SERVER PUBLISHING RULES
****************************************************************
Server Publishing Rule Name : Mail wizard rule - Exchange RPC Server. Published IP: 12.98.169.27

        Description : HQ-SYS-EX-01
        Enabled : True
        IP Address of Internal Server : 190.100.30.2
        External IP Address on ISA Server : 12.98.169.27
        Protocol Used : Exchange RPC Server
        Primary Port Used by Protocol : 135
        Rule Applies to : Any Request

****************************************************************
BANDWIDTH RULES
****************************************************************
Enable Bandwidth Control : False

BandWidth Rule Name : Default rule

        Enabled : True
        Rule applies to : All IP Traffic
        Rule Applies to : All Destinations
        Rule Applies to : Any Request
        Rule Applies to : All Content Types
        BandWidthPriority : Default bandwidth priority

* schedule deleted by jay due to e-mail size requirement
BANDWIDTH PRIORITIES
****************************************************************
BandWidth Priority Name : Default bandwidth priority

        Outbound Bandwidth : 100
        Inbound Bandwidth : 100

****************************************************************
DESTINATION SETS
****************************************************************
Destination Set Name : OWA
        Description : Inbound OWA

        SingleIP: 190.100.30.2
          Path: /public/*
        SingleIP: 190.100.30.2
          Path: /exchange/*
        SingleIP: 190.100.30.2
          Path: /exchweb/*

****************************************************************
CLIENT ADDRESS SETS
****************************************************************
Client Address Set Name : LocalSet

        Description : HQ
        IP Range : 190.100.0.1 - 190.100.255.255

*
****************************************************************
Server Name : HQ-SYS-PX-02

        Total Current Cache Size (MB) : 0
        Total Disk Size (MB) : 38161
        Total Free Space (MB) : 34560

        Name : C:
                Files System : NTFS
                Current Cache (MB) : 0
                Disk Size (MB) : 38161
                Disk Free Space (MB) : 34560

****************************************************************
APPLICATION FILTERS
****************************************************************
Application Filter Name : SMTP Filter

        Description : Filters SMTP traffic
        Enabled : True

Application Filter Name : SOCKS V4 Filter

        Description : Enables SOCKS 4 communication
        Enabled : True

Application Filter Name : Streaming Media Filter

        Description : Enables streaming protocols
        Enabled : True

Application Filter Name : HTTP Redirector Filter

        Description : Redirects requests from Firewall and SecureNAT clients to the Web Proxy service
        Enabled : True

Application Filter Name : FTP Access Filter

        Description : Enables FTP protocols (client and server)
        Enabled : True

Application Filter Name : DNS intrusion detection filter

        Description : Intercepts and analyzes DNS traffic destined for the internal network
        Enabled : True

Application Filter Name : POP intrusion detection filter

        Description : Checks for POP buffer overflow attacks
        Enabled : True

Application Filter Name : RPC Filter

        Description : Enables publishing of RPC servers
        Enabled : True

Application Filter Name : H.323 Filter

        Description : Microsoft H.323 filter
        Enabled : True

****************************************************************
WEB FILTERS
****************************************************************
Web Filter Name : Link Translator Filter

        Description : Enables use of link translation dictionaries
        Enabled : False
        Order : 1
        Vendor : Microsoft

****************************************************************
NETWORK CONFIGURATION
****************************************************************
To route requests to upstream servers : 
        Use Primary Connection
****************************************************************
ROUTING RULES
****************************************************************
Routing Rule Name : Default rule

        Enabled : True
        Order : 1
        Rule Applies to : All Destinations
        Process Requests by : Retrieving them directly from the specified destination
        Use DialUp Entry for Primary Route : False
        Use DialUp Entry for Backup Route : False

        Search cache for : A valid version of the object, retrieve if necessary
        Cache Content : If source and request headers indicate to cache
        Redirect HTTP requests as : HTTP Requests
        Redirect SSL requests as : HTTP Requests
        Require SSL for Published Site : False

****************************************************************
LAT
****************************************************************
        Description : None
        From : 10.0.0.0
        To : 10.255.255.255

        Description : None
        From : 169.254.0.0
        To : 169.254.255.255

        Description : None
        From : 172.16.0.0
        To : 172.31.255.255

        Description : None
        From : 190.100.0.0
        To : 190.100.255.255

        Description : None
        From : 192.168.0.0
        To : 192.168.255.255

****************************************************************
LDT
****************************************************************
****************************************************************
FIREWALL CLIENT CONFIGURATION
****************************************************************

        Clients Connect to ISA Server by DNS Name : HQ-SYS-PX-02
        Enable ISA Firewall automatic discovery in Firewall Client : False
        Firewall Client Application Settings:
        [exchng32]
         - Disable: 0
        [icq]
         - RemoteBindUdpPorts: 0
         - ServerBindTcpPorts: 0,1025-5000
         - NameResolutionForLocalHost: P
        [inetinfo]
         - Disable: 1
        [kernel32]
         - Disable: 1
        [lsass]
         - Disable: 1
        [mapisp32]
         - Disable: 0
        [net2fone]
         - ServerBindTcpPorts: 0
        [outlook]
         - Disable: 0
        [raplayer]
         - RemoteBindUdpPorts: 6970-7170
         - LocalBindTcpPorts: 7070
        [realplay]
         - RemoteBindUdpPorts: 6970-7170
         - LocalBindTcpPorts: 7070
        [rpcss]
         - Disable: 1
        [rvplayer]
         - RemoteBindUdpPorts: 6970-7170
         - LocalBindTcpPorts: 7070
        [services]
         - Disable: 1
        [spoolss]
         - Disable: 1
        [svchost]
         - Disable: 1
        [w3proxy]
         - Disable: 1
        [winlogon]
         - Disable: 1
        [wspsrv]
         - Disable: 1
****************************************************************
WEB BROWSER CONFIGURATION
****************************************************************
        Configure web browser during firewall client setup : True
          DNS Name : HQ-SYS-PX-02
          Automatically discover settings : False

        Bypass proxy for local servers : True
        Directly access computers specified in the LDT : True
        Directly access these servers or domains : 

        If ISA Server is unavailabe, use backup route : False
****************************************************************
GATEKEEPER CONFIGURATION
****************************************************************

DESTINATIONS
============


PHONE NUMBER RULES
==================

Name : Local

        Enabled : True
        Description : All aliases are resolved using the local registration database
        Prefix or Phone Number : 
        Route all phone numbers using this prefix : True
        Metric : 1
        Destination Type : Registration Database


EMAIL ADDRESS RULES
===================

Name : Local

        Enabled : True
        Description : All aliases are resolved using the local registration database
        DNS Domain Name : 
        Route all e-mail addresses using this DNS Domain Name : True
        Metric : 1
        Destination Type : Registration Database


IP ADDRESS RULES
================

Name : Class A

        Enabled : True
        Description : No address translation is performed
        IP Address : 0.0.0.0/1
        Metric : 1
        Destination Type : Local Network

Name : Class B

        Enabled : True
        Description : No address translation is performed
        IP Address : 128.0.0.0/2
        Metric : 1
        Destination Type : Local Network

Name : Class C

        Enabled : True
        Description : No address translation is performed
        IP Address : 192.0.0.0/3
        Metric : 1
        Destination Type : Local Network

****************************************************************
ENTERPRISE CONFIGURATION
****************************************************************
This is not an Enterprise Array.

*
System Log Events
=================

****************************************************************
NETWORK INFORMATION
****************************************************************

IPCONFIG /ALL
=============

Windows 2000 IP Configuration



        Host Name . . . . . . . . . . . . : hq-sys-px-02
        Primary DNS Suffix  . . . . . . . : abchome.com
        Node Type . . . . . . . . . . . . : Hybrid

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

        DNS Suffix Search List. . . . . . : abchome.com

Ethernet adapter Internet Connection:



        Connection-specific DNS Suffix  . : 
        Description . . . . . . . . . . . : 3Com EtherLink XL 10/100 PCI For Complete PC Management NIC (3C905C-TX) #2
        Physical Address. . . . . . . . . : 00-01-03-E9-2F-0E

        DHCP Enabled. . . . . . . . . . . : No

        IP Address. . . . . . . . . . . . : 12.98.169.27

        Subnet Mask . . . . . . . . . . . : 255.255.255.248

        Default Gateway . . . . . . . . . : 12.98.169.25

        DNS Servers . . . . . . . . . . . : 12.127.17.71
                                            12.127.16.67
        NetBIOS over Tcpip. . . . . . . . : Disabled


Ethernet adapter Local Area Connection:



        Connection-specific DNS Suffix  . : 
        Description . . . . . . . . . . . : Intel(R) PRO/100 VM Network Connection
        Physical Address. . . . . . . . . : 00-08-02-BE-A3-AC

        DHCP Enabled. . . . . . . . . . . : No

        IP Address. . . . . . . . . . . . : 190.100.100.67

        Subnet Mask . . . . . . . . . . . : 255.255.0.0

        Default Gateway . . . . . . . . . : 

        DNS Servers . . . . . . . . . . . : 190.100.100.48
        NetBIOS over Tcpip. . . . . . . . : Disabled


ROUTE PRINT
===========

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x1000003 ...00 08 02 be a3 ac ...... Intel 8255x-based Integrated Fast Ethernet (Microsoft's Packet Scheduler)
0x1000004 ...00 01 03 e9 2f 0e ...... 3Com EtherLink PCI (Microsoft's Packet Scheduler)
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     12.98.169.25    12.98.169.27       1
     12.98.169.24  255.255.255.248     12.98.169.27    12.98.169.27       1
     12.98.169.27  255.255.255.255        127.0.0.1       127.0.0.1       1
   12.255.255.255  255.255.255.255     12.98.169.27    12.98.169.27       1
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
      190.100.0.0      255.255.0.0   190.100.100.67  190.100.100.67       1
   190.100.100.67  255.255.255.255        127.0.0.1       127.0.0.1       1
  190.100.255.255  255.255.255.255   190.100.100.67  190.100.100.67       1
        224.0.0.0        224.0.0.0     12.98.169.27    12.98.169.27       1
        224.0.0.0        224.0.0.0   190.100.100.67  190.100.100.67       1
  255.255.255.255  255.255.255.255   190.100.100.67  190.100.100.67       1
Default Gateway:      12.98.169.25
===========================================================================
Persistent Routes:
  None

  
