RE: isa server as proxy server

• From: <Hugo@xxxxxxxxxxxxx>
• To: <isalist@xxxxxxxxxxxxx>
• Date: Tue, 23 Oct 2001 11:56:22 -0200

Just an IOS access-list suggestion:

access-list 100 deny udp any 192.168.1.0 0.0.0.255 range 135 139
access-list 101 deny udp any range 135 139 192.168.1.0 0.0.0.255
access-list 101 deny tcp any 192.168.1.0 0.0.0.255 range 135 139
access-list 101 deny tcp any range 135 139 192.168.1.0 0.0.0.255


-----Original Message-----
From: Richard Pettigrew [mailto:Richard@xxxxxxxxxxx]
Sent: terça-feira, 23 de outubro de 2001 09:43
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: isa server as proxy server


http://www.ISAserver.org


See if this helps....

What kind of router are you using?

I have a similar problem with an ISDN Dialup Router. So I have
programmed my router to block the following traffic:

(Cisco IOS 12.x and up)
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 100 deny   udp any any eq 445
access-list 100 deny   udp any any eq netbios-ns
access-list 100 deny   udp any any eq netbios-dgm
access-list 100 deny   udp any any eq 135
access-list 100 deny   udp any any eq snmp
access-list 100 deny   udp any any eq snmptrap
access-list 100 deny   udp any any eq ntp
access-list 100 deny   udp any any eq time
access-list 100 deny   udp any any eq rip
access-list 100 deny   tcp any any eq 37
access-list 100 deny   tcp any any eq domain
access-list 100 deny   tcp any any eq 135
access-list 100 deny   tcp any any eq 139
access-list 100 deny   tcp any any eq 389
access-list 100 deny   tcp any any eq 636
access-list 100 deny   tcp any any eq 3268
access-list 100 deny   tcp any any eq 3269
access-list 100 deny   tcp any any eq 445
dialer-list 1 protocol ip list 100

If you can block this traffic, it should substatially cut down on
unrequested outgoing traffic.



-----Original Message-----
From: Jay Errappa [mailto:j.errappa@xxxxxxxxxxxx]
Sent: 23 October 2001 06:16
To: [ISAserver.org Discussion List]
Subject: [isalist] isa server as proxy server


http://www.ISAserver.org


Hi all
I have a w2k domain controller with two NIC, one for internal and the
other for external.The external NIC is connected  directly to the
router
via a cross cable and the router is connected to the internet via two
pstn
modems(dail up).I have also install ISA server as web proxy.users can
browse and check mail.But the svr randomly initiate a connection to
the
internet , may be every 3 to 5 mins.
I have test this config without ISA on a windows 2k standalone server
the
problem still persist.I think that this is a problem with TCP/IP.

Plse help.

------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
richard@xxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')

------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
Hugo@xxxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')

Other related posts:

• » isa server as proxy server
• » RE: isa server as proxy server
• » RE: isa server as proxy server

1. Home
2. isalist
3. Archive
4. 10-2001

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---