Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Firewall Client behavior
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Firewall Client behavior - 1.Mar.2004 8:00:00 AM
|
|
|
Squashmaster
Posts: 19
Joined: 12.Nov.2003
Status: offline
|
Morning all
Ok - so I have used ISA 2000 for a couple of years (nothing hardcore) and got used to the way it worked with the IP Packet Filters and Rules.
Now we just have the one set of access rules (which I prefer), but I still expect to be able to create a rule and have it allow ports to be open.
I have opened the ports for standard protocols (HTTP, HTTPS, FTP, ping, SMTP, RDP, etc) using the rules and they work.
However I have created a rule for my favourite game (Warcraft 3) which does not work.
Using the logging tool I can see that the requests are not even being logged !
The really annoying thing is that when I enable the firewall client on the client PC, it suddenly
loggs the requests and knows about the rule - the logs show the requests being established - by the correct rule.
My query is why can some rules only be seen by the Firewall client?? and why does the logs not record the requests for this rule until the FC is enabled??
NOTE - the protocol definition for the rule is a user defined one. does this make a difference?
NOTE - The logs show all other protocol established/denied requests regardless of FC being enabled
If someone can answer this it will make me a very happy man !["[Smile]"](/image/smiles/smile.gif "\"\"") lol
Kind Regards
MoogleAssassin
|
|
|
|
RE: Firewall Client behavior - 1.Mar.2004 11:58:00 AM
|
|
|
tshinder
Posts: 47408
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi MoogleAssassin,
What are the details of the Protocol Definition that you created?
Thanks!
Tom
|
|
|
|
|
RE: Firewall Client behavior - 1.Mar.2004 2:08:00 PM
|
|
|
Squashmaster
Posts: 19
Joined: 12.Nov.2003
Status: offline
|
it specifies the ports that Warcraft needs, these are:
TCP outbound 6112
secondary - TCP inbound 6112
I have set the inbound connections as secondary connections to the outbound ones. I have then used this definition in the access rule.
However - I am confused that the logging tool says that the requests are not even being denied, without the firewall client enabled - they simply do not happen.
hmmmm - I am confused.
|
|
|
|
|
RE: Firewall Client behavior - 1.Mar.2004 11:06:00 PM
|
|
|
tshinder
Posts: 47408
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi SM,
Very interesting. Even when the Firewall client is disabled, the SecureNAT config should take over and you should see the connections denied or allowed.
Not sure what's happening here.
Tom
|
|
|
|
|
RE: Firewall Client behavior - 2.Mar.2004 3:03:00 PM
|
|
|
Squashmaster
Posts: 19
Joined: 12.Nov.2003
Status: offline
|
Oh.
erm - is there any other information that I can post to shed some light?
would an XML backup of the ISA Server config be of use?
My filter to check the logs is:
Type = Firewall and Webproxy
Check time = Live
Client = %IP address of client PC%
Do you have any suggestions on the next step to take to try and fix this?
|
|
|
|
|
RE: Firewall Client behavior - 2.Mar.2004 7:35:00 PM
|
|
|
tshinder
Posts: 47408
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi SM,
Try logging without the client IP filter so that you can see everything.
You can backup your config and send it to me and I"ll see if something looks off.
Thanks!
Tom
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
