[isapros] Re: Server Publishing Rule
- From: "Thor (Hammer of God)" <thor@xxxxxxxxxxxxxxx>
- To: "isapros@xxxxxxxxxxxxx" <isapros@xxxxxxxxxxxxx>
- Date: Tue, 09 Jan 2007 09:37:12 -0800
OK - just making sure... So you are saying that the internal clients can¹t
access the internal app server (directly, I assume) when you have a range of
ports on the publishing rule for External clients? They are accessing it
directly, right? Not via the ISA box? What happens if you disable the FWC
on the clients?
t
On 1/9/07 9:11 AM, "Amy Babinchak" <amy@xxxxxxxxxxxxxxxxxxxxxxxxxx> spoketh
to all:
> No the app server is a separate box. ISA is on the SBS server.
>
>
> Amy Babinchak
> Harbor Computer Services
>
>
>
>
> From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On
> Behalf Of Thor (Hammer of God)
> Sent: Tuesday, January 09, 2007 11:19 AM
> To: isapros@xxxxxxxxxxxxx
> Subject: [isapros] Re: Server Publishing Rule
>
> Is the app server the same server as the ISA box as in some kind of SBS
> install?
>
> t
>
>
> On 1/8/07 8:20 PM, "Amy Babinchak" <amy@xxxxxxxxxxxxxxxxxxxxxxxxxx> spoketh to
> all:
> I would agree however when WalMart says you¹ll use this app if you want to
> sell us product, then you use the app.
>
> The nature of the fail doesn¹t show in ISA. If I have a range of ports in my
> server publishing rule, then Internal clients attempting to access the app
> server can¹t get there. ISA doesn¹t show any fails or denied. NetMon running
> on the SBS server shows a successful packet to the app server but the response
> from the app server is stack error 1250. If I have a single port (tcp 1521) in
> the server publishing rule then internal clients can get the app server just
> fine.
>
> Since the server publishing rule only applies from External to the app server
> why is this affecting internal workstation access to the app server?
>
>
> Amy Babinchak
>
>
>
>
>
> From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx]
> <mailto:isapros-bounce@xxxxxxxxxxxxx%5d> On Behalf Of Jim Harrison
> Sent: Monday, January 08, 2007 10:56 PM
> To: isapros@xxxxxxxxxxxxx; isapros@xxxxxxxxxxxxx
> Subject: [isapros] Re: Server Publishing Rule
>
>
> Amy,
>
>
>
> Any time a vendoir tells you they need "all inbound ports", it's time to
> shitcan that application and bitch-slap teh vendor back to their Commodore
> Vic-20.
>
>
>
> That said:
>
> Q1 - what is the port range are you defining?
>
> Q2 - what is the nature of "fails"?
>
>
>
>
>
> From: isapros-bounce@xxxxxxxxxxxxx on behalf of Amy Babinchak
> Sent: Mon 1/8/2007 4:00 PM
> To: isapros@xxxxxxxxxxxxx
> Subject: [isapros] Server Publishing Rule
>
> I have published an internal server on port 1521. Works fine. However,
> the vendor (an EDI application) says they need access over all inbound
> ports. If I create a range published to this server, then Internal
> access to the server fails.
>
> Why?
>
> Amy Babinchak
> Harbor Computer Services
>
>
>
> All mail to and from this domain is GFI-scanned.
>
>
>
>
>
Other related posts:
