Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Using Symantec Premium Antispam with ISA
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Using Symantec Premium Antispam with ISA - 12.Aug.2005 11:37:00 AM
|
|
|
bluetooth
Posts: 6
Joined: 22.Jul.2005
From: Zagreb, Croatia
Status: offline
|
Hi to all!
Here is my situation and problem.
Recently, I've installed Symantec Mail Security for MS Exchange with Sym Premium Antispam. This system is installed on my MS Exchange server. This server is in my LAN protected with MS ISA 2004 server. Exchange has published SMTP, POP and OWA services. So I have one ISA server 2004 box and one Exchange with Symantec AV box.
To successfully use that Sym Premium Antispam, it has to synchronize with it's server from time to time to download updates. As I was explained from Symantec Tec Support, Premium Antispam tries to establish HTTPS communication on port 443. After handshake two systems negotiate new random port for communication that will be initiated by Symantec P Antispam update server.
My system passes over first part of communication (over HTTPS) but it fails to do second part while ISA is stopping incoming communication on that random port.
Is there any possibility to configure ISA to allow this type of communication? As far as I understand I would have to have some kind of publishing rule that would have to allow communication with my Exchange server over random port?
I hope this is enough information for you to get the picture about this issue!
Cheers and thank you in advance,
Igor
[ August 12, 2005, 11:39 AM: Message edited by: bluetooth ]
|
|
|
|
|
RE: Using Symantec Premium Antispam with ISA - 15.Aug.2005 7:26:00 AM
|
|
|
tshinder
Posts: 47663
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Igor,
If secondary protocols are required (which would be really poor security planning on Symantec's part), then you'll need to use the Firewall client.
HTH,
Tom
|
|
|
|
|
RE: Using Symantec Premium Antispam with ISA - 15.Aug.2005 4:37:00 PM
|
|
|
bluetooth
Posts: 6
Joined: 22.Jul.2005
From: Zagreb, Croatia
Status: offline
|
Hi Tom!
Thank you for your answer.
So, I've installed FW Client 2004 on my Exchange/Symantec box. So, what should I do next? I've tried to specify new protocol definition (outgoing 443 with secondary connections incoming 0-9999). I've placed this to the new FW policy that is from my Exch/Sym box to External.... But, it doesn't work...
Am I doing something wrong?
Thank you in advnace,
Igor
|
|
|
|
RE: Using Symantec Premium Antispam with ISA - 24.Aug.2005 11:07:00 AM
|
|
|
bluetooth
Posts: 6
Joined: 22.Jul.2005
From: Zagreb, Croatia
Status: offline
|
Hi Tom and others!
I stil haven't solve this issue and I'm desperate because of this problem. Here is an article on Symantec
[URL=http://servicenews.symantec.com/cgi-bin/displayArticle.cgi?article=678&group=symantec.support.network.smse45.general&mini_version=sym_mail_security_46_mse&next=20&product=sym_ mail_security&product_name=Symantec+Mail+Security&tpre=ep]http://servicenews.symantec.com/cgi-bin/displayArticle.cgi?article=678&group=symantec.support.network.smse45.general&mini_ version=sym_mail_security_46_mse&next=20&product=sym_mail_security&product_name=Symantec+Mail+Security&tpre=ep[/URL]
Support Forum about this issue.
I'm sure that ISA can handle this out, so please help me to achive it!
Thank you all in advance,
Igor
[ August 24, 2005, 11:13 AM: Message edited by: bluetooth ]
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
