Protocol: Any
Direction: Both

Why would you not expect to see open ports? ISA is letting everything through to your public IP PC. If the ports are not closed on it and they are not filtered on ISA, then nmap -sA will find them (at least, the TCP ones).

You need to do at least one of three things:

1) Filter the ports on ISA
2) Filter the ports on the Public IP PC
3) Stop the services on the Public IP PC that are opening unwanted ports.

I would recommend doing all three.

-----Original Message-----
From: Nigel Carroll [mailto:nigel@xxxxxxxxxxxxxxx]
Sent: Thursday, January 24, 2002 09:46
To: [ISAserver.org Discussion List]
Subject: [isalist] Why can internal PC see open ports?

When running a scan against my ISA server's Public IP FROM PC (see below) it reports that various ports are open which I'd expect to be closed. This is not what I expected as I'd like PC to be treated as potentially hostile and don't want it to have access to ANY ports.

Could anyone tell me what I may have wrong with my configuration - see below:

Thanks
Nigel

        Internet
           |
           |
    External NIC (Public IP in Subnet1)
       ISA Server
    Internal NIC (Multihomed with 1 private & 1 PUBLIC IP in Subnet2)
        |    \
        |     \
        |      \
       LAN     PC (PUBLIC IP in Subnet2)

To enable internet access to the PC I have created a packet filter as follows:

Protocol: Any
Direction: Both
Local computer: This computer (on the perimeter network) - and entered PC's public IP

In order to get traffic through I found I also had to enable a protocol filter that allows everything, but I restricted it to PC's public IP.
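
The reasoning in the reply above, worked through as an added example that is not part of the original thread and is not ISA Server's own rule format: a port on the PC is visible only when the packet filter permits it, the host does not filter it, and a service is listening on it. The `PacketFilter` model, the documentation-range address, the listening-port list and the choice of TCP 80 as the one wanted service are all constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class PacketFilter:
    """Simplified model of a firewall packet filter (hypothetical, not ISA's format)."""
    protocol: str                    # "any", "tcp" or "udp"
    direction: str                   # "both", "inbound" or "outbound"
    local_ip: str                    # host the filter applies to
    ports: frozenset = frozenset()   # empty set means every port

    def permits_inbound(self, proto, dst_ip, port):
        return (self.protocol in ("any", proto)
                and self.direction in ("both", "inbound")
                and self.local_ip == dst_ip
                and (not self.ports or port in self.ports))

def exposed_ports(filters, host_ip, listening, host_blocked=frozenset()):
    """Ports visible through the firewall: permitted by a packet filter,
    not filtered on the host, and backed by a listening service."""
    return sorted(
        (proto, port) for proto, port in listening
        if (proto, port) not in host_blocked
        and any(f.permits_inbound(proto, host_ip, port) for f in filters))

# Constructed sample data (assumptions, not values from the thread).
PC_IP = "203.0.113.10"
LISTENING = {("tcp", 80), ("tcp", 135), ("tcp", 139), ("tcp", 445), ("udp", 137)}
ALLOW_ALL = [PacketFilter("any", "both", PC_IP)]                   # filter as described in the thread
NARROWED = [PacketFilter("tcp", "inbound", PC_IP, frozenset({80}))]  # option 1: filter on the firewall
HOST_BLOCKED = frozenset(LISTENING - {("tcp", 80)})                # option 2: filter on the PC

if __name__ == "__main__":
    print("allow-all filter :", exposed_ports(ALLOW_ALL, PC_IP, LISTENING))
    print("1) firewall rule :", exposed_ports(NARROWED, PC_IP, LISTENING))
    print("2) host filtering:", exposed_ports(ALLOW_ALL, PC_IP, LISTENING, HOST_BLOCKED))
    print("3) services off  :", exposed_ports(ALLOW_ALL, PC_IP, {("tcp", 80)}))
```

Each of the three options alone reduces the result to the one wanted port; applying all three means a mistake in any single layer does not re-expose the others.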