• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

UDP Ports and Direct Access

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Forefront Unified Access Gateway 2010] >> DirectAccess >> UDP Ports and Direct Access Page: [1]
Login
Message << Older Topic   Newer Topic >>
UDP Ports and Direct Access - 24.Feb.2012 1:36:40 PM   
Taps

 

Posts: 12
Joined: 13.Sep.2001
From: Atlanta, GA
Status: offline
After much playing around, I have a functional UAG Server which is running solely for Direct Access purposes.  I have a handful of clients testing this, and so far the response has been overwhelmingly positive.With one exception.....

We have users who would like to be able to use certain applications that have to connect back to an IBM LUM server to obtain licenses.  My goal is to have this work through direct access.

According to IBM, the LUM server uses UDP port 1515 for connectivity.  And I have configured an "AuthPort" of UDP 1516 to answer.  Connected to the local LAN, this works flawlessly.  The application starts, sees the license server, obtains a license and allows the application to run.  Just as expected.

But when using direct access connections, it immediately fails.  I am thinking it might be the client firewall settings that is prohibiting the connections, but I cant get any information from the pfirewall.log file that shows it was allowed or dropped.

BTW, when the client are connected to the "Domain network", the firewall is disabled.  This is what leads me to believe it might be the client firewall.

Using the UAG WebMonitor, I can see the DirectAccess clients connected.

I am able to ping the license server from the DA Client.

I am able to open \\licenseserver\share from the DA Client with no issues as well.

I am able to ping the DA Client from a managed machine inside my network.

I am able to see \\DAClient\Share from inside the network as well.

I have not been able to verify that it isnt TMG hindering something.  Is there a way to just see what traffic is coming through DA connections in the log?  I tried loading the DaLogFilter.xml definition into the log viewer, but that just seems to show me when clients start and end connections. 

Is there a specific place I can look to see what is topping these packets from reaching their final destination?
Post #: 1

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Forefront Unified Access Gateway 2010] >> DirectAccess >> UDP Ports and Direct Access Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts