Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
ONLY FIREWALL CLIENT
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
ONLY FIREWALL CLIENT - 22.Jan.2006 7:50:54 PM
|
|
|
majedalanni
Posts: 64
Joined: 7.Jan.2006
Status: offline
|
Hi ALL
How I configure only firewall client use my ISA SERVER and the other clients (SECURENAT and WEPCLIENT) will block
thanks
|
|
|
|
|
RE: ONLY FIREWALL CLIENT - 22.Jan.2006 8:08:28 PM
|
|
|
spouseele
Posts: 12782
Joined: 1.Jun.2001
From: Belgium
Status: offline
|
Hi majedalanni,
why do you want to ban the Web Proxy clients?
If you only create authenticated access rules, no SecureNAT client requests will get through.
HTH,
Stefaan
|
|
|
|
|
RE: ONLY FIREWALL CLIENT - 22.Jan.2006 9:44:24 PM
|
|
|
majedalanni
Posts: 64
Joined: 7.Jan.2006
Status: offline
|
Hi ALL
How I create authenticated access rules for block SecureNAT ?
please details
Thanks alot
|
|
|
|
|
RE: ONLY FIREWALL CLIENT - 22.Jan.2006 10:42:02 PM
|
|
|
LLigetfa
Posts: 2184
Joined: 10.Aug.2004
From: fort frances.on.ca
Status: offline
|
Rulles that do not have "All Users" will require authentication and cause S-NAT to be denied.
Why do you want to deny WP clients?
_____________________________
The School of Hard Knocks is a mean teacher. She gives the exam before the lesson.
|
|
|
|
|
RE: ONLY FIREWALL CLIENT - 22.Jan.2006 10:46:42 PM
|
|
|
majedalanni
Posts: 64
Joined: 7.Jan.2006
Status: offline
|
My client connect to my ISA servre by wireless
and some unautherize client access my wireless but I want block them the some time make a packet sniffer and stolen the IP that I gave it access to internet
I wnat only FW client work?
how I make access rule for them
many thanks
|
|
|
|
|
RE: ONLY FIREWALL CLIENT - 22.Jan.2006 10:59:31 PM
|
|
|
LLigetfa
Posts: 2184
Joined: 10.Aug.2004
From: fort frances.on.ca
Status: offline
|
I still don't understand why WP should be disabled. Are the thieves also stealing the username/password? Are you wireless clients domain members or how to you plan to enforce authentication? Are the thieves domain members too?
You can disable the WP listener on ISA.
_____________________________
The School of Hard Knocks is a mean teacher. She gives the exam before the lesson.
|
|
|
|
|
RE: ONLY FIREWALL CLIENT - 23.Jan.2006 4:35:23 PM
|
|
|
majedalanni
Posts: 64
Joined: 7.Jan.2006
Status: offline
|
I wont use WP and username /password
I want use direct connection
I configure my client all as secuareNAT but I know want install on all of them FW client
and FW client not work the client cant access to internet
all my rule in ISA server is used all user
and I put the IP client in a gruop and give the gruop a rule to access to internet
thats all
thanks
|
|
|
|
|
RE: ONLY FIREWALL CLIENT - 23.Jan.2006 4:54:38 PM
|
|
|
LLigetfa
Posts: 2184
Joined: 10.Aug.2004
From: fort frances.on.ca
Status: offline
|
If you don't answer my questions, I cannot help you any further. Did you try removing "All Users"? Did you try disabling the WP listener? How is that working out for you?
_____________________________
The School of Hard Knocks is a mean teacher. She gives the exam before the lesson.
|
|
|
|
|
RE: ONLY FIREWALL CLIENT - 23.Jan.2006 7:52:45 PM
|
|
|
majedalanni
Posts: 64
Joined: 7.Jan.2006
Status: offline
|
Okay this is my story
I have a 3 public ip conecting one of them to isa server and make a rule for ALL USER and just open the internet for a computer set (named Client)
The rule is (alow - some protocols - from client - to external - all user)
I put some ip on Client group
the ISA server connect to ACCESS POINT to give the client (internet) but some hacker make a packet sniffer and know my ip client and setup his computer and he have an internet when the real client is turn his PC off and when they run at same time the had IP conflict
all my client configure there pc (IP,subnet,gateway my isa server and dns my ISA server)
I dont wont my user use WP .
I want just have FW client can use the internet and when the hacker use a gateway he cant work it mean blocking secureNAT
Thats all
Many thanks LLigetfa for listing to me
|
|
|
|
|
RE: ONLY FIREWALL CLIENT - 23.Jan.2006 10:19:42 PM
|
|
|
LLigetfa
Posts: 2184
Joined: 10.Aug.2004
From: fort frances.on.ca
Status: offline
|
Still no answers to the following questions.
quote:
ORIGINAL: LLigetfa
Are the thieves also stealing the username/password?
Are you wireless clients domain members or how to you plan to enforce authentication?
Are the thieves domain members too?
I already told you how to disable both WP and S-NAT.
quote:
ORIGINAL: LLigetfa
Did you try removing "All Users"?
Did you try disabling the WP listener?
How is that working out for you?
What more do you want?
_____________________________
The School of Hard Knocks is a mean teacher. She gives the exam before the lesson.
|
|
|
|
|
RE: ONLY FIREWALL CLIENT - 24.Jan.2006 10:41:37 AM
|
|
|
majedalanni
Posts: 64
Joined: 7.Jan.2006
Status: offline
|
No they not steel password because I am not use domain
I told you all my client is SecureNAT I just put the ip and subnet and gateway and dns in there PCs and they have access to internet
I disable WP
But if I remove ALL USERS condition what I put instead of it to make only FW client work
Thanks
|
|
|
|
|
RE: ONLY FIREWALL CLIENT - 24.Jan.2006 12:20:23 PM
|
|
|
elmajdal
Posts: 5071
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
|
quote:
ORIGINAL: LLigetfa
Did you try disabling the WP listener? How is that working out for you?
hi LLigetfa
i would like to know how can i disable the WP listener.
Thanks
|
|
|
|
|
RE: ONLY FIREWALL CLIENT - 24.Jan.2006 2:37:21 PM
|
|
|
LLigetfa
Posts: 2184
Joined: 10.Aug.2004
From: fort frances.on.ca
Status: offline
|
maj,
I cannot help you. If you are not prepared to use authentication, FWC is not your solution. YOu may want to look at deploying VPN or PPPoE instead.
elm,
To disable WP, just deselect "Enable Web Proxy clients" on your Internal network properties.
_____________________________
The School of Hard Knocks is a mean teacher. She gives the exam before the lesson.
|
|
|
|
|
RE: ONLY FIREWALL CLIENT - 24.Jan.2006 3:02:49 PM
|
|
|
LLigetfa
Posts: 2184
Joined: 10.Aug.2004
From: fort frances.on.ca
Status: offline
|
It is a listener. Enabling WP causes ISA to *listen* on port 8080 (or whatever you define). What is your definition of listener?
_____________________________
The School of Hard Knocks is a mean teacher. She gives the exam before the lesson.
|
|
|
|
|
RE: ONLY FIREWALL CLIENT - 24.Jan.2006 6:48:01 PM
|
|
|
majedalanni
Posts: 64
Joined: 7.Jan.2006
Status: offline
|
Hi
You mean I must have a domain to authenticate users or else I use VPN or PPPoE, just these soluation
Did you think the domin is helpfull when using wireless?
Thanks
|
|
|
|
|
RE: ONLY FIREWALL CLIENT - 24.Jan.2006 6:57:03 PM
|
|
|
LLigetfa
Posts: 2184
Joined: 10.Aug.2004
From: fort frances.on.ca
Status: offline
|
I never said you HAD to have a domain. I simply asked you how (if) you planned to do the authenticating.
_____________________________
The School of Hard Knocks is a mean teacher. She gives the exam before the lesson.
|
|
|
|
|
RE: ONLY FIREWALL CLIENT - 24.Jan.2006 9:00:58 PM
|
|
|
majedalanni
Posts: 64
Joined: 7.Jan.2006
Status: offline
|
okay
I block WP client
but how I block secureNAT without domain ?? how I put a rule that block secureNAT
can you tell me
and I sorry if I distrube you
thanks
|
|
|
|
|
RE: ONLY FIREWALL CLIENT - 24.Jan.2006 10:01:42 PM
|
|
|
majedalanni
Posts: 64
Joined: 7.Jan.2006
Status: offline
|
And if I need authenticate Imust have a domain or a WP client??????
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
