RE: VPN Client cannot RDP to server on LAN
- From: "Stefaan Pouseele" <stefaan.pouseele@xxxxxxxxx>
- To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
- Date: Thu, 5 Jan 2006 23:42:30 +0100
Hi Tom,
that was also my first thought but the empty rule column and
'FWX_E_NETWORK_RULES_DENIED' bothered me... ;-)
Thanks,
Stefaan
-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
Sent: donderdag 5 januari 2006 22:38
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: VPN Client cannot RDP to server on LAN
http://www.ISAserver.org
Hi Stefaan,
Good idea, but I thought this was unlikely because there is a default
Network Rule in place, so you don't need to create it.
Tom
Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
**Who is John Galt?**
> -----Original Message-----
> From: Stefaan Pouseele [mailto:stefaan.pouseele@xxxxxxxxx]
> Sent: Thursday, January 05, 2006 2:38 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: VPN Client cannot RDP to server on LAN
>
> http://www.ISAserver.org
>
> Hi Danny,
>
> Because the rule column is empty, check out if there is a
> *network* rule
> defined for the commmunication between the VPN clients and the
> Internal network?
>
> HTH,
> Stefaan
>
> -----Original Message-----
> From: Danny [mailto:nocmonkey@xxxxxxxxx]
> Sent: donderdag 5 januari 2006 20:19
> To: [ISAserver.org Discussion List]
> Subject: [isalist] VPN Client cannot RDP to server on LAN
>
> http://www.ISAserver.org
>
> ISA 2004 SP1 on Win2003 STD SP1, just activated PPTP VPN through ISA
> mgmt console, created Access/Allow rule (there are no pre-existing
> deny rules - except for the default) for all Outbound protocols, From
> VPN Clients, To All Protected Networks, All users, yet an RDP
> connection to a server on the LAN is denied (see log below). I can
> RDP to the ISA server, but just not other servers.
>
> The odd part, in the firewall log, the rule column is empty, whereas
> most denies occurd due to the Default Deny Rule.
>
> Any assistance would be much appreciated.
>
> <Excuse the line wrap>
>
> Original Client IP Client Agent Authenticated Client Service Server
> Name Referring Server Destination Host Name Transport MIME Type Object
> Source Source Proxy Destination Proxy Bidirectional Client Host Name
> Filter Information Network Interface Raw IP Header Raw Payload Source
> Port Processing Time Bytes Sent Bytes Received Result Code HTTP Status
> Code Cache Information Error Information Log Record Type Log Time
> Destination IP Destination Port Protocol Action Rule Client IP Client
> Username Source Network Destination Network HTTP Method URL
> 192.168.1.130 MS-ISA - TCP - -
> 1396 0 0 0 0xc0040012 FWX_E_NETWORK_RULES_DENIED 0x0 0x0 Firewall
> 05/01/2006
> 1:55:25 PM
> 192.168.1.253 3389 RDP (Terminal Services) Denied Connection
> 192.168.1.130 VPN Clients Internal - - 192.168.1.130 MS-ISA - TCP - -
> 1396 0 0 0
> 0xc0040012 FWX_E_NETWORK_RULES_DENIED 0x0 0x0 Firewall
> 05/01/2006 1:55:28 PM
> 192.168.1.253 3389 RDP (Terminal Services) Denied Connection
> 192.168.1.130 VPN Clients Internal - -
>
Other related posts:
