Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Weird Java Applet

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> Firewall Client >> Weird Java Applet Page: [1]
Login
Message << Older Topic   Newer Topic >>
Weird Java Applet - 1.Sep.2005 7:16:00 AM   
blueivy

 

Posts: 5
Joined: 1.Sep.2005
Status: offline 		I'm hoping somebody can help me out. This is a bit long winded to forgive me but it's all important.

I have a MSJava (yes MSJava not Sun Java) applet that tries to open a connection from the host machine on port 9995 direct to a particular website. As there is no default gateway on our network (for security reasons - all network traffic is sent out through ISA using the proxy settings in the browser) the applet bounces around a little bit between routers and then fails. The solution! Install Microsoft Firewall Client and send the connection on port 9995 to the ISA Proxy which will send the connection out.

The ISA Server is firewalled at both sides so we have a problem. When the FWC tries to connect to the ISA server it does so on a random port. The firewall obviously blocks this. It seems (from previous posts) that you cannot lock down the random port to a range of specific ports and we can't open the internal firewall up to please the FWC so we're a bit stuck.

My question is this. Can anybody determine another solution to proxy this connection through ISA?
Post #: 1
RE: Weird Java Applet - 1.Sep.2005 3:44:00 PM   
spouseele

 

Posts: 12782
Joined: 1.Jun.2001
From: Belgium
Status: offline 		Hi Blue Ivy,

why do you place a firewall between your internal clients and the ISA internal interface? The ISA server protects itself on all interfaces! So, what are you trying to accomplish with such a setup?

HTH,
Stefaan

(in reply to blueivy)
Post #: 2
RE: Weird Java Applet - 2.Sep.2005 10:19:00 AM   
blueivy

 

Posts: 5
Joined: 1.Sep.2005
Status: offline 		I never set it up, it's not part of the design. Nothing I can do about the environment. It's there and I have to work with it.

(in reply to blueivy)
Post #: 3
RE: Weird Java Applet - 4.Sep.2005 1:54:00 PM   
spouseele

 

Posts: 12782
Joined: 1.Jun.2001
From: Belgium
Status: offline 		Hi Blue Ivy,

if you can't adopt your network design to facilitate an optimum installation of your ISA 2004 then you will have to live with the consequences of your choices. [Razz]

The best workaround I know of is to give full IP access from your internal hosts to the IP addresses allocated to the ISA internal interface. Also, do not implement NAT between the internal network and the ISA server.

HTH,
Stefaan

(in reply to blueivy)
Post #: 4

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> Firewall Client >> Weird Java Applet Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts