Here's what I had to do to get Army Operations up and running. I created several "Protocol Definitions" under "Policy Elements". I do realize there are some redundancies, but better safe than sorry. I am running the Firewall Client on the workstation.
That's all I did as well as use the firewall client. It's been working great since I posted that message. Your probably don't need to do the GameSpy 3D definitions, but the GameSpy Arcade and Americas Army (or whatever you want to call it) definitions are a must.
From: South Wales, United Kingdom
Hi cgrace1970, All the configuration above works...cept your missing Port 28910 TCP OUTBOUND I couldnt get the Gamespy browser to actually show the games - drove me nuts for hours untill I checked the ISA logfile (thanks Tom!) and there it was asking for 28910!
Paul 'Error finding COLDBEER.CAN Sysop not loaded!'
Interesting, because I just checked my logs and it dosn't ask for port 28910 at all. It does however, try to access port 28917. I didn't have any problems with connecting before, but I did last night. LOL I'm going to investigate further. Maybe there is a range of ports that need to be opened for AA. I'll post here, if I find something.
I finally got around to looking at this and you are correct 28910 is required and missing from the configuration I posted. I had it open with another, previously created rule and that's how I missed it. Good show!
I also have an "Allow All Protocol Access Rule", under "Protocol Rules", that opens up all the protocol definitions. I'm working on defining exactly which ports/protocols need to be set up, for those people who don't want to use the Firewall Client or open up all the protocol definitions. I've been working on it on and off for about a week, so I don't know when I will post a solution. I'm hoping to fix up a few other game protocol definitions at the same time, as well as some game servers.
You open up port 28910 in "Secondary Connectons" under the GameSpy Arcade definition.
I have opened the ports necessary for AA login and browsing. I am using the Protocol Def. set listed in the post. I have NOT configured GSA or GS3D as I don't need them yet. I have two hosts inside that need this access. I am new to ISA and would appreciate any help you can offer.
Oh, I have changed only two things in ISA config, I have not started the procedures to completely secure it yet. I have created two Site and Content rules, one for two users to go anywhere and one for two users to be limited to a couple of web sites.
I don't see where I said to disable any rules, but I did mention I had a couple of custom ones. That's in order to restrict some other things and not specific to any AA setting.
I used to get the "Timed Out" message too. You said you didn't configure the GSA connections, but you will need to create them, because AA has the GSA browser built in to it. This may (or may not) be your problem. Don't forget to add the port 28910 TCP Outbound info to the secondary connection of GSA (mentioned in the thread), which I forgot in the original posting.