[isapros] Re: Server Publishing Rule
- From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
- To: <isapros@xxxxxxxxxxxxx>
- Date: Tue, 9 Jan 2007 06:41:25 -0800
Nope; ISABPA includes a neato toy called ISABPAPack.
It will gather the most common data required for ISA behavioral
analysis.
Its use is covered in the docs that come with the package.
"isabpapack +repro" is the command line used to start the process.
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx]
On Behalf Of Amy Babinchak
Sent: Tuesday, January 09, 2007 5:43 AM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: Server Publishing Rule
They are firewall clients. I'll see about gathering the data for you. By
repro data you mean the captures?
Amy Babinchak
Harbor Computer Services
________________________________
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx]
On Behalf Of Jim Harrison
Sent: Tuesday, January 09, 2007 12:11 AM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: Server Publishing Rule
If internal clients are using ISA to reach the internal app, then your
problem isn't in the rule, but the client configuration.
Internal access of server publishing is necessarily SecureNET or FWC
clients only.
Got ISABPAPack +repro data?
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx]
On Behalf Of Amy Babinchak
Sent: Monday, January 08, 2007 8:21 PM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: Server Publishing Rule
I would agree however when WalMart says you'll use this app if you want
to sell us product, then you use the app.
The nature of the fail doesn't show in ISA. If I have a range of ports
in my server publishing rule, then Internal clients attempting to access
the app server can't get there. ISA doesn't show any fails or denied.
NetMon running on the SBS server shows a successful packet to the app
server but the response from the app server is stack error 1250. If I
have a single port (tcp 1521) in the server publishing rule then
internal clients can get the app server just fine.
Since the server publishing rule only applies from External to the app
server why is this affecting internal workstation access to the app
server?
Amy Babinchak
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx]
On Behalf Of Jim Harrison
Sent: Monday, January 08, 2007 10:56 PM
To: isapros@xxxxxxxxxxxxx; isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: Server Publishing Rule
Amy,
Any time a vendoir tells you they need "all inbound ports", it's time to
shitcan that application and bitch-slap teh vendor back to their
Commodore Vic-20.
That said:
Q1 - what is the port range are you defining?
Q2 - what is the nature of "fails"?
________________________________
From: isapros-bounce@xxxxxxxxxxxxx on behalf of Amy Babinchak
Sent: Mon 1/8/2007 4:00 PM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Server Publishing Rule
I have published an internal server on port 1521. Works fine. However,
the vendor (an EDI application) says they need access over all inbound
ports. If I create a range published to this server, then Internal
access to the server fails.
Why?
Amy Babinchak
Harbor Computer Services
All mail to and from this domain is GFI-scanned.
All mail to and from this domain is GFI-scanned.
All mail to and from this domain is GFI-scanned.
Other related posts:
