Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Issues publishing ESET NOD 32 server on Virtual PC
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Issues publishing ESET NOD 32 server on Virtual PC - 8.Jan.2008 4:32:55 PM
|
|
|
ABCPL
Posts: 13
Joined: 21.Nov.2006
Status: offline
|
Hi,
We are running into issues publishing our NOD 32 Remote Administrator Server on our ISA 2006 server.
We have multiple networks on the ISA Server. The NOD32 definition server is located on one network and the clients are on another one. I created an access rule to allow the client network to connect to the IP of the server NOD32 on Outbound TCP port 2222.
The logs FWS log shows an error code of: Denied 0xc0040012
When I try to telnet to the server IP and port from within the server network, it works without issue.
Has anyone configured a NOD32 Remote Administration Server behind ISA? And are there any gotchas with VirtualPC?
Any assistance would be appreciated.
|
|
|
|
|
RE: Issues publishing ESET NOD 32 server on Virtual PC - 8.Jan.2008 5:03:58 PM
|
|
|
pwindell
Posts: 782
Joined: 12.Apr.2004
From: Taylorville, IL
Status: offline
|
Never heard of a NOD32 Remote Administration Server.
Virtual PC has nothing to do with any of it and is pretty much irrelevant.
You are getting the "denied" because the traffic does not "match" the Rule you created. So you have to figure out were you went wrong in creating the Access Rule. The Monitoring Log should help with sorting that out.
If a Rule does not match the current traffic it is ignored and the next rule in the list is processed. This repeats over and over until a match is found. If no match is found the process hits the Last Default Rule which "denies" everything no matter what,...and that is where the "deny" comes from. That is how it works, it is a fairly simple process.
There really isn't much more that can be said about it at this point.
_____________________________
Phillip Windell
www.wandtv.com
|
|
|
|
|
RE: Issues publishing ESET NOD 32 server on Virtual PC - 25.Jan.2008 10:15:19 AM
|
|
|
ABCPL
Posts: 13
Joined: 21.Nov.2006
Status: offline
|
I am truly stumped. Please help!
Phillip was correct that the rule does not match however, I cannot figure out where I am going wrong with it. I removed the virtual PC from the picture and have a Win2003 SP2 system configured with nothing else on it except a TCP port listener (configured for port 2222) and Network Monitor. The ISA access rule is detailed below along with the denied entry and frame information from Network Monitor of a system on the same network as the W2K3 server with NOD32 using port 2222. I know that 0xc0040012 is FWX_E_NETWORK_RULES_DENIED. I am sure it’s something really simple but I just can’t see it. If there is any detail missing, please let me know. I appreciate any assistance.
Paul
Access Rule: NOD2222 (enabled)
Action: Allow
Protocols: Primary Connection – Port range: 2222 - Protocol Type: TCP - Direction: Outbound (I am not filtering any source ports)
From: Contains the network entry where the client is located.
To: is the IP address of the server
Users: All Users
Schedule: Always
Content Types: All content types selected
ISALOG entry:
X.Y.0.155 is the station with NOD32 antivirus
X.Y.1.110:2222 is the W2K3 server
X.Y.0.X is the client network that contains X.Y.0.155
TESTISA 2008-01-25 14:39:27 TCP X.Y.0.155:1225 X.Y.1.110:2222 X.Y.0.155 X.Y.0.X Internal Denied 0xc0040012 - NOD2222 0 0 0 0 - - - - 0 0
Network Monitor
IP: Protocol = TCP – Transmission Control; Packet IS = 843; Total IP length = 48; Option = No Options
TCP: Control Bits: ….S., len: 0, seq:xxxxxx-xxxxx, ack: 0, win:65535, src: 1981 dst: 2222
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
