Just an IOS access-list suggestion: access-list 100 deny udp any 192.168.1.0 0.0.0.255 range 135 139 access-list 101 deny udp any range 135 139 192.168.1.0 0.0.0.255 access-list 101 deny tcp any 192.168.1.0 0.0.0.255 range 135 139 access-list 101 deny tcp any range 135 139 192.168.1.0 0.0.0.255 -----Original Message----- From: Richard Pettigrew [mailto:Richard@xxxxxxxxxxx] Sent: terça-feira, 23 de outubro de 2001 09:43 To: [ISAserver.org Discussion List] Subject: [isalist] RE: isa server as proxy server http://www.ISAserver.org See if this helps.... What kind of router are you using? I have a similar problem with an ISDN Dialup Router. So I have programmed my router to block the following traffic: (Cisco IOS 12.x and up) access-list 1 permit 192.168.1.0 0.0.0.255 access-list 100 deny udp any any eq 445 access-list 100 deny udp any any eq netbios-ns access-list 100 deny udp any any eq netbios-dgm access-list 100 deny udp any any eq 135 access-list 100 deny udp any any eq snmp access-list 100 deny udp any any eq snmptrap access-list 100 deny udp any any eq ntp access-list 100 deny udp any any eq time access-list 100 deny udp any any eq rip access-list 100 deny tcp any any eq 37 access-list 100 deny tcp any any eq domain access-list 100 deny tcp any any eq 135 access-list 100 deny tcp any any eq 139 access-list 100 deny tcp any any eq 389 access-list 100 deny tcp any any eq 636 access-list 100 deny tcp any any eq 3268 access-list 100 deny tcp any any eq 3269 access-list 100 deny tcp any any eq 445 dialer-list 1 protocol ip list 100 If you can block this traffic, it should substatially cut down on unrequested outgoing traffic. -----Original Message----- From: Jay Errappa [mailto:j.errappa@xxxxxxxxxxxx] Sent: 23 October 2001 06:16 To: [ISAserver.org Discussion List] Subject: [isalist] isa server as proxy server http://www.ISAserver.org Hi all I have a w2k domain controller with two NIC, one for internal and the other for external.The external NIC is connected directly to the router via a cross cable and the router is connected to the internet via two pstn modems(dail up).I have also install ISA server as web proxy.users can browse and check mail.But the svr randomly initiate a connection to the internet , may be every 3 to 5 mins. I have test this config without ISA on a windows 2k standalone server the problem still persist.I think that this is a problem with TCP/IP. Plse help. ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: richard@xxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: Hugo@xxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')