• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

RDP Access -> Unidentified IP Traffic

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> Access Policies >> RDP Access -> Unidentified IP Traffic Page: [1]
Login
Message << Older Topic   Newer Topic >>
RDP Access -> Unidentified IP Traffic - 12.Feb.2004 4:25:00 PM   
GMSonic

 

Posts: 9
Joined: 9.Feb.2004
Status: offline
Hi,
i have a problem with a connection to a server in the internal network, which has default gateway to isa server. Ping is working, but when i want to access this server via RDP, i get no answer. In the ISA Logging Section i see the following entries:

Client IP: Server IP with Default GW to ISA
Destination Host IP: IP from my Workstation where i open the RDP Connection
Destination Port: between 4000 and 4100
Protocol: Unidentified IP Traffic
Action: Denied Connection

I have a Firewall Rule which allows all Protocols from "Internal" to "Internal". My Workstation, the Server with Default Gateway to Isa and the ISA Server are on the same Network Segment, which is configured in the internal Network.

Any ideas, what is wrong ?
Thanks..

GM
Post #: 1
RE: RDP Access -> Unidentified IP Traffic - 13.Feb.2004 9:48:00 PM   
penrose.l@2college.nl

 

Posts: 474
Joined: 29.Jan.2004
From: Netherlands
Status: offline
Hi ,

A Firewall rule from Internal to Internal will never work. Here's why :
If internal and internal are on the same subnet , then these 2 computers will talk to eachother directly , without intervention from ISA

If internal and internal are not on the same subnet then you have configured something terribly wrong in ISA server [Smile]

So , if workstation and server are on same subnet , the workstation goes directly from the switch to the server.

Check :
- the server , type this : netstat -a -n and look for listeners on port 3389
if you don't see any or they are on the wrong NIC , then you need to check the terminal server RDP settings

- on the workstation : ping the server , try a 'net use * \\server\c$ /user:admin password'
if that works , there's definately connectivity between the 2. If only 1 of 2 works , try to find out if there's firewalling on the server ( protect my computer against attacks

- check for ANY firewall ( Norton Internet security on the workstation for example )

- check security algorithms on the server ( RDP / signing etc )

- erhm... check a lot more things if it doesn't work. It's hard to tell but your config is wrong [Smile]

Kind regards,
Lex Penrose

(in reply to GMSonic)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> Access Policies >> RDP Access -> Unidentified IP Traffic Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts