• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

layered outbound security

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2000 General] >> General >> layered outbound security Page: [1]
Login
Message << Older Topic   Newer Topic >>
layered outbound security - 4.Dec.2001 6:01:00 PM   
abeeber

 

Posts: 31
Joined: 24.Oct.2001
From: Norwell, MA, USA
Status: offline
Hi all,
Just a curious question. On my network the ISA server is the default gateway to the internet, which means every computer is a supernat. I have set a rule with limited outbound protocol access.

On top of that I have additional rules that apply to 2 win2k groups. One group has all ip traffic, whilst the other has limited protocol access to the internet.

Is there any issues in having this layer approach to outbound access to the internet. And if so, what are they.

Thanks in advance.

andrew

Post #: 1
RE: layered outbound security - 4.Dec.2001 8:02:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Andrew,

Not sure what layers you're thinking of here. With SecureNAT clients, the only way you can control outbound access is by using Client Address Sets.

HTH,
Tom

------------------
http://www.isaserver.org/shinder/


Get It Here!


(in reply to abeeber)
Post #: 2
RE: layered outbound security - 4.Dec.2001 11:18:00 PM   
abeeber

 

Posts: 31
Joined: 24.Oct.2001
From: Norwell, MA, USA
Status: offline
Tom,
What I am trying to do is have 3 layers of outbound access. The first is supernat with limited access (meaning that the outbound rule applies to all traffic). The 2nd layer is limited outbound access applied to a number of user groups. and the third is full access outbound applied to a specific list of users and groups. So layers 2 and 3 are based on authentication to the firewall by the firewall client. If the firewall client is not loaded then the machine will get access by being a supernat.

So, I am wondering if there are any issues with this configuration.

Andrew


(in reply to abeeber)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2000 General] >> General >> layered outbound security Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts