Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
SBS SP1 server gets ping response, client does not
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
SBS SP1 server gets ping response, client does not - 2.Aug.2005 8:52:00 AM
|
|
|
Guest
|
Just upgraded to SBS 2003 SP1. First of all found that I could no longer connect my PPTP VPNs from my client PC to other sites. Rooted around in the policy and added 'Internal' to the from/listener to the "SBS PPTP outbound Access Rule" and it now works.
Now I find that I can ping (say) www.google.com from the server console but not from my PC even with FWC enabled (or disabled!)
Had a bit of a google around but can't find anything except 'enable IP routing' which is already enabled.
Set up logging to the destination IP and the result is 'denied connection' refering to the rule "SBS Internet Access Rule".
Not sure what to check next!
Thanks
Ian
|
|
|
|
|
RE: SBS SP1 server gets ping response, client does not - 2.Aug.2005 9:57:00 AM
|
|
|
tshinder
Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Ian,
1. Don't change the System Policy for PPTP -- create an Access Rule that allows PPTP outbound from Internal to External
2. For ping to work from an Internal Network client, you need to create an Access Rule allowing Ping from Internal to External AND the client must be configured as a SecureNAT client
3. IP Routing is enabled by default
4. I'll have to check on what the "SBS Internet Access Rule" does, but the protocols allowed will appear in the Firewall policy list
HTH,
Tom
|
|
|
|
|
RE: SBS SP1 server gets ping response, client does not - 2.Aug.2005 11:34:00 AM
|
|
|
Guest
|
Great, that has fixed it. Thanks for the help. (I changed the PPTP rule too).
Now back to ploughing through your ISA book ![[Smile]](/image/smiles/smile.gif)
Ian
|
|
|
|
|
RE: SBS SP1 server gets ping response, client does not - 2.Aug.2005 11:59:00 AM
|
|
|
tshinder
Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Ian,
Great! Good to hear you got it working and thanks for the follow up!
Tom
|
|
|
|
|
RE: SBS SP1 server gets ping response, client does not - 4.Aug.2005 1:21:00 AM
|
|
|
jonathan_vella
Posts: 21
Joined: 15.Jan.2004
From: Malta
Status: offline
|
Hi Tom,
by default the "SBS Internet Access Rule" gives "All outbound access" to all users in the group Internet Access on an SBS2003 machine.
The first thing I do when setting up an SBS03 box is to reconfigure this rule to only allow HTTP / HTTPS / FTP access.
Regards,
Jonathan
|
|
|
|
|
RE: SBS SP1 server gets ping response, client does not - 4.Aug.2005 9:23:00 AM
|
|
|
tshinder
Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Jonathan,
That's an excellent security move!
I would take it even one step further, and remove the HTTPS access. Then create a separate rule that allows HTTP access only to approved sites.
Thanks!
Tom
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
