• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

How can i open a port in ISA 2006 for an Application that wana connect to outside sites??

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> Access Policies >> How can i open a port in ISA 2006 for an Application that wana connect to outside sites?? Page: [1]
Login
Message << Older Topic   Newer Topic >>
How can i open a port in ISA 2006 for an Application th... - 29.May2009 9:33:04 AM   
itguyme

 

Posts: 14
Joined: 29.Oct.2006
Status: offline
Hi,
I have a scenario where A new library system applications need to access the outside sites on ports which are by default not open in ISA 2006.

Please tell me how to open those ports? how to create that policy ?

port 7090 is required to be open for a online library website. So shall I add protocols any ? or just enter the port(s) ?
Post #: 1
RE: How can i open a port in ISA 2006 for an Applicatio... - 29.May2009 9:47:49 AM   
inderjeet

 

Posts: 463
Joined: 25.Nov.2008
Status: offline
You need to create a custom protocol depending the traffic is TCP or UDP. Then you need to add the protocol in your general internal access rule if you are not using the "All outbound Traffic"

Is that a web based application?

_____________________________

Inderjeet (MSFT)
My Blog: http://isingh.spaces.live.com

If you are a Microsoft Gold Partner, Contact us for Advisory/Consulting Services, Check https://partner.microsoft.com/US/supportsecurity/40012316

(in reply to itguyme)
Post #: 2
RE: How can i open a port in ISA 2006 for an Applicatio... - 29.May2009 10:02:20 AM   
itguyme

 

Posts: 14
Joined: 29.Oct.2006
Status: offline
yes actually its an online library

well the full url to which this port shud open is

telnet ****.loc.gov 7090

so should I add something in the policy also about this url ?

(in reply to inderjeet)
Post #: 3
RE: How can i open a port in ISA 2006 for an Applicatio... - 29.May2009 10:19:36 AM   
inderjeet

 

Posts: 463
Joined: 25.Nov.2008
Status: offline
No Just mention the port number as per my previous post.

Does that use HTTP or HTTPS?

_____________________________

Inderjeet (MSFT)
My Blog: http://isingh.spaces.live.com

If you are a Microsoft Gold Partner, Contact us for Advisory/Consulting Services, Check https://partner.microsoft.com/US/supportsecurity/40012316

(in reply to itguyme)
Post #: 4
RE: How can i open a port in ISA 2006 for an Applicatio... - 29.May2009 10:24:19 AM   
itguyme

 

Posts: 14
Joined: 29.Oct.2006
Status: offline
It uses http .....

(in reply to inderjeet)
Post #: 5
RE: How can i open a port in ISA 2006 for an Applicatio... - 29.May2009 11:28:36 AM   
inderjeet

 

Posts: 463
Joined: 25.Nov.2008
Status: offline
Cool. If it was HTTPS then you would have needed to run the "ISA Tunnel Port Tool" listed at http://isatools.org/tools.asp?Context=ISA2006 




_____________________________

Inderjeet (MSFT)
My Blog: http://isingh.spaces.live.com

If you are a Microsoft Gold Partner, Contact us for Advisory/Consulting Services, Check https://partner.microsoft.com/US/supportsecurity/40012316

(in reply to itguyme)
Post #: 6
RE: How can i open a port in ISA 2006 for an Applicatio... - 30.May2009 3:18:48 AM   
itguyme

 

Posts: 14
Joined: 29.Oct.2006
Status: offline
thanx inderjeet,

it is working when i telnet the ipaddress of the url but it is still not working wen i telnet with the actual url and port ....is there any configuration problem ? why by IP and why not by name ?

(in reply to inderjeet)
Post #: 7
RE: How can i open a port in ISA 2006 for an Applicatio... - 1.Jun.2009 8:54:52 AM   
inderjeet

 

Posts: 463
Joined: 25.Nov.2008
Status: offline
Are you able to get the name resolved from the machine you are tyring to open that website? If its working with IP not with name then Name Resolution is something i will focus my attention to.

Hows is your client configured to access internet? hwne you do NSLOOKUP on client machine are you able to resolve the website name?



_____________________________

Inderjeet (MSFT)
My Blog: http://isingh.spaces.live.com

If you are a Microsoft Gold Partner, Contact us for Advisory/Consulting Services, Check https://partner.microsoft.com/US/supportsecurity/40012316

(in reply to itguyme)
Post #: 8
RE: How can i open a port in ISA 2006 for an Applicatio... - 1.Jun.2009 10:29:49 AM   
itguyme

 

Posts: 14
Joined: 29.Oct.2006
Status: offline
The www.loc.gov client application behind ISA 2006 is not opening.

I did add the ports 7090 and 210 required for the application in ISA2006 new policy .

I specified these ports as

TCP - Outbound 7090 and 7090
UDP - Send recieve 7090 - 7090

Also same for Port 210

But still the application is not connecting....

Client > ISA 2006 > ASA

(in reply to inderjeet)
Post #: 9
RE: How can i open a port in ISA 2006 for an Applicatio... - 1.Jun.2009 11:54:21 AM   
inderjeet

 

Posts: 463
Joined: 25.Nov.2008
Status: offline
Have you opened the same on your ASA as well?

_____________________________

Inderjeet (MSFT)
My Blog: http://isingh.spaces.live.com

If you are a Microsoft Gold Partner, Contact us for Advisory/Consulting Services, Check https://partner.microsoft.com/US/supportsecurity/40012316

(in reply to itguyme)
Post #: 10
RE: How can i open a port in ISA 2006 for an Applicatio... - 1.Jun.2009 12:10:03 PM   
itguyme

 

Posts: 14
Joined: 29.Oct.2006
Status: offline
Yea if we telnet form any NAT computer it telnets fine. But from behind any ISA 2006 comp it is not telneting ...

(in reply to inderjeet)
Post #: 11
RE: How can i open a port in ISA 2006 for an Applicatio... - 1.Jun.2009 12:41:36 PM   
inderjeet

 

Posts: 463
Joined: 25.Nov.2008
Status: offline
 Better check it with Microsoft Support... Thats all i can tell as of now. Someone needs to remote into your ISA and check the config. I have no way of doing it

_____________________________

Inderjeet (MSFT)
My Blog: http://isingh.spaces.live.com

If you are a Microsoft Gold Partner, Contact us for Advisory/Consulting Services, Check https://partner.microsoft.com/US/supportsecurity/40012316

(in reply to itguyme)
Post #: 12
RE: How can i open a port in ISA 2006 for an Applicatio... - 2.Jun.2009 1:57:03 AM   
itguyme

 

Posts: 14
Joined: 29.Oct.2006
Status: offline
I thank you for your willingness to support inderjeet.

I found the solution .

I installed firewall client and the application started running.

(in reply to inderjeet)
Post #: 13
RE: How can i open a port in ISA 2006 for an Applicatio... - 3.Jun.2009 10:15:14 AM   
inderjeet

 

Posts: 463
Joined: 25.Nov.2008
Status: offline
That's cool...Sometimes the issues aren't at ISA atol :)
We kept checking in for the requests but now it make total sense that since the application was accessing the website from within itself, it was not a browser based request but a RPC request...which was to handled by Firewall client...

Good !!

_____________________________

Inderjeet (MSFT)
My Blog: http://isingh.spaces.live.com

If you are a Microsoft Gold Partner, Contact us for Advisory/Consulting Services, Check https://partner.microsoft.com/US/supportsecurity/40012316

(in reply to itguyme)
Post #: 14

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> Access Policies >> How can i open a port in ISA 2006 for an Application that wana connect to outside sites?? Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts