• Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Firewall client really needed for gaming?

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2000 Misc.] >> Gaming >> Firewall client really needed for gaming? Page: [1]
Message << Older Topic   Newer Topic >>
Firewall client really needed for gaming? - 14.Apr.2003 12:37:00 AM   


Posts: 9
Joined: 11.Jan.2003
From: Birmingham, UK
Status: offline
Hi all,

You'll have to excuse me... I'm a relative newbie at ISA Server although I've learnt tons over the past few days.

Basically I'm running ISA server at home - I'm planning on taking some MS qualifications and figured it would be a good product to learn.

Anyway... online gaming:

I notice a lot of games and other products such as MSN Messenger (file transfer) require the Firewall client. Well I have a few questions I hope you can help me with...

1. What is the difference between the Firewall client and the SecureNAT client? Is the Firewall client the program that gets put on the \mspclnt file share when you install ISA?

2. Why do I need the firewall client to run games and certain apps when other apps (general MSN Messenger use, web browsing, etc...) don't require it?

3. Do I *have* to use the Firewall client or can I configure ISA any other way? Personally I don't like the idea of installing a client on every machine on a LAN that wants to run a certain app.

4. Would some kind of DMZ help side-step needing a Firewall client?

Please... tell me if I'm wrong, but other firewalls don't require client software to use app.

I really hope you can answer these questions for me and help me understand ISA a bit better.

While you're here, if anyone has got Rainbow Six 3: Ravenshield to work i'd love to hear from you "[Smile]"
Post #: 1
RE: Firewall client really needed for gaming? - 13.Aug.2003 7:07:00 AM   


Posts: 45
Joined: 12.Aug.2003
Status: offline
I wish someone would answer this post as I have exactly the same question.
Does anyone have an answer for this??

Sorry about posting a reply with no answers...

(in reply to UncleJimbo)
Post #: 2
RE: Firewall client really needed for gaming? - 16.Aug.2003 2:23:00 AM   


Posts: 11
Joined: 15.Jul.2003
Status: offline
1. There is only one piece of software that you can install on a client, and it's called the proxy client or securenat client. Often a 'firewall client' refers to a computer on the inside of ISA that does not have the securenat client installed.

2. ISA server does outbound port blocking. ISA, like most 'enterprise firewalls' doesn't allow all things out by default. You have to add rules to 'protocol rules' in order to allow that out. Your basic rules like http, smtp, pop3, msn messenger, irc, ftp, etc all are there by default, but in order to use other non-standard ports (like games, non-microsoft software, or anything that is not in your 'protocol definitions') you will need to create a protocol definition for it, and then add a protocol rule that includes that definition. If you look around this gaming forum you will see many people laying out different definitions and rules to make certain games work IN FIREWALL CLIENT MODE and NOT USING THE SECURENAT CLIENT.

3. You have two options for non-standard port apps running on your LAN out to the Internet: Either make the definitions and rules to allow them to work (use your fw logs to determine what doesn't work... they are very helpfull) OR install the SecureNAT client. For example, I made defintions for Half-Life, Ventrilo, Citrix, and other common things I use but I also play Earth and Beyond and it was impossible to make all the rules it would need to work, so I installed the SecureNAT client and was playing 2 mintues later with zero config of the firewall.

4. no

When you say 'other' firewalls I assume you refer to non-egress firewalls like hardware linksys firewalls that don't block anything going out. ISA is not like those and is not meant to be. If you want a plug-n-play solution then ISA is not for you.

To get any game to work, make definitions on your firewall for all internal clients to access the server ports that Rainbow Six 3 runs on. Whenever I deal with a new app I try to start it up and then watch the firewall logs (or even better just run ethereal, netstat -a, or tcpdump and watch what it's doing) to see what has been denied. Then make definitions that match that traffic.

Hope this helps guys.

(in reply to UncleJimbo)
Post #: 3
RE: Firewall client really needed for gaming? - 19.Aug.2003 2:59:00 AM   


Posts: 2
Joined: 19.Aug.2003
Status: offline
There is no software to install for a SecureNat client, simply configure the workstation to use the ISA Server, in a simple network, as its gateway.

A Firewall Client for ISA is the proxy software you install on the systems.

Right now I am battling with getting AA to work as well. It appears the settings that are posted in other message threads are inaccurate or at the very least, incomplete.

[ August 19, 2003, 03:01 AM: Message edited by: w2k3trainer ]

(in reply to UncleJimbo)
Post #: 4

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2000 Misc.] >> Gaming >> Firewall client really needed for gaming? Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts