[isapros] Re: ISA 2004 issue - cache only/single homed
- From: "Greg Mulholland" <gmulholland@xxxxxxxxxxxx>
- To: isapros@xxxxxxxxxxxxx
- Date: Tue, 26 Feb 2008 11:18:59 +1000 (EST)
Tell them then that they need to undertsand how it actually works. Some
basic understanding of protocols and what you are actually trying to
achieve goes a long way. I'm staggered at the amount of 'network
guys" who can (isa aside) create an "allow all" rule
and get it working. You need to sit down and plan out your
firewall rules based on the traffic you need to pass, or block,
before you install the firewall.
Unless they have
configured it wrong ISA wont be your problem The firewall service is
required to be running so disabling it is NOT your answer, repeat NOT.
Greg
> LOL, good point! Not much of a school. :)
> The guys who contacted me, already sent me this link and told me
that this
> was presented to the school managers.
> The
managers asked if we can try to do something about it. "Can't you
make
> it work? You are an IT guy" :)
>
>
> ----- Original Message ----
>
From: Jim Harrison
<Jim@xxxxxxxxxxxx>
> To: "isapros@xxxxxxxxxxxxx"
<isapros@xxxxxxxxxxxxx>
> Sent: Tuesday, 26 February, 2008
1:07:02 AM
> Subject: [isapros] Re: ISA 2004 issue - cache
only/single homed
>
> (there is a rule "allow
all") - <WHIMPER>
> ISA has ceased to protect the
server where it resides.
> This is the example your school
creates for its students?!?
>
> Point your school
network admins to this link:
>
http://www.microsoft.com/technet/isa/2004/plan/unsupportedconfigs.mspx
>
> -----Original Message-----
>
From:
isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx]
> On Behalf Of Zoran Marjanovic
> Sent: Sunday, February 24,
2008 8:35 PM
> To: isapros@xxxxxxxxxxxxx
> Subject:
[isapros] Re: ISA 2004 issue - cache only/single homed
>
> Thanks Thomas.
>
> It's a school and they
insisted on it. Interestingly, DC works fine and
> clients have
no problems at all (there is a rule "allow all", I was told).
> The problem their admin experienced was related to accessing a
share
> hosted on this ISA box by their MS SMS (another box).
> I have not logged on the server yet so I am not sure what errors
they got
> and how it really looks. My first thought was to
simply shut firewalling
> down, since they do not need it. I will
probably check it today and will
> let you know if I figure out
what was the issue.
>
> Cheers,
>
>
Zoran
>
>
> ----- Original Message ----
>
From: Thomas W Shinder <tshinder@xxxxxxxxxxx>
> To: isapros@xxxxxxxxxxxxx
> Sent: Monday, 25 February,
2008 2:43:17 PM
> Subject: [isapros] Re: ISA 2004 issue - cache
only/single homed
>
>
>
> The ISA
firewall is NOT supported on a DC, so it’s a moot
question.
>
>
>
>
From:
isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx]
> On Behalf Of Zoran Marjanovic
> Sent: Sunday, February 24,
2008 8:33 PM
> To: isapros@xxxxxxxxxxxxx
> Subject:
[isapros] ISA 2004 issue - cache only/single homed
>
>
>
> Hi guys,
>
>
>
>
It is a "multi-practic" server :), Win 2003 SP1, DC, ISA, file
server...
> huh, with only 1 NIC.
>
>
>
> Could you please confirm that Lockdown mode in ISA 2004
cannot be
> disabled? (I think I saw it somewhere but cannot find
it now)
>
> Also, is it possible to install ISA without
its firewall service because
> all I need is caching?
>
>
>
> Thanks a bunch!
>
>
>
> Zoran
>
>
>
>
>
>
>
> ________________________________
>
> Get the name you always wanted with the new y7mail
email address
>
<http://au.rd.yahoo.com/mail/taglines/au/y7mail/default/*http:/au.yahoo.com/y7mail/?p1=ni&p2=general&p3=tagline&p4=other>
> .
>
>
>
>
________________________________
>
> Get the name you
always wanted with the new y7mail email address
>
<http://au.rd.yahoo.com/mail/taglines/au/y7mail/default/*http://au.yahoo.com/y7mail/?p1=ni&p2=general&p3=tagline&p4=other>
> .
>
>
> Get the name you always
wanted with the new y7mail email address.
>
www.yahoo7.com.au/y7mail
>
>
Other related posts:
