Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

SecureNAT is killing me

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> SecureNAT Client >> SecureNAT is killing me Page: [1]
Login
Message << Older Topic   Newer Topic >>
SecureNAT is killing me - 19.Aug.2005 1:00:00 PM   
vamram

 

Posts: 44
Joined: 19.Dec.2003
Status: offline 		Hello All,

I've been through the forum trying to find solutions to this problem. Apologies if I've missed a solution link.

I'm responsible for rolling out a new "internal" segment on the ISA 2004 that will have a ROUTE relationship w/our Internal ISA segment. The Internal holds AD, Exchange, etc. Clients on this new internal segment will be Firewall clients in the case of Windows machines, SecureNAT and Proxy clients in the case of the MACs and Linux boxes.

My problem is that in testing, SecureNAT clients are unable to make FTP connections anywhere, despite specific access rules allowing it.

My SecureNAT test machines are actually on the INTERNAL segment. They are Windows XP Pro/sp2 PCs w/out the FWC installed. I figure that if I can get this working, I can get it working on the coming "internal" segment.

If I can't get this to function w/other protocols as well - sftp, cvs, and ssh, for example - I'm toast and so is my ISA server.

Please help! THanks!

Victor - a.k.a "Johnny Quest" "[Confused]"
Post #: 1
RE: SecureNAT is killing me - 22.Aug.2005 8:37:00 AM   
vamram

 

Posts: 44
Joined: 19.Dec.2003
Status: offline 		Ya know, some days I begin to wonder if my mind is seriously starting to slip. Or, worse, I KNOW it's going. What I really mean is that I figured out my problem.

I had the Users tab on the rule set to a specific AD users group. DUH-UH. SecureNAT DOES NOT WORK w/Authentication-based rules. I changed it to All Users and VOILA. This came to me in my sleep of course.

I've been working w/ISA in production environments since Proxy Server 2.0 and ol' Surrogate Socket combos. Ya'd think I'd be able to cross my t's and dot my i's, not loose the forest for the trees, etc etc.

Oh well. On to the next challenge. [Roll Eyes] [Roll Eyes]

(in reply to vamram)
Post #: 2
RE: SecureNAT is killing me - 22.Aug.2005 9:55:00 AM   
ClintD

 

Posts: 1833
Joined: 26.Jan.2001
From: Keller, TX
Status: offline 		Ahhh... Surrogate Sockets - good stuff. Still don't really understand why you had to have this to publish Terminal Servers with Proxy 2.0, but... who cares anymore?

[ August 22, 2005, 09:55 AM: Message edited by: ClintD ]

(in reply to vamram)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> SecureNAT Client >> SecureNAT is killing me Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts