Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

RE: ISA2004 and Active Directory

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 General ] >> Installation >> RE: ISA2004 and Active Directory Page: <<   < prev  1 [2]
Login
Message << Older Topic   Newer Topic >>
RE: ISA2004 and Active Directory - 21.Jul.2004 3:26:00 AM   
tshinder

 

Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline 		Hi panikovski,

Unfortunately, that provides a perfect setup for the next Internet worm to attack the ISA firewall from the inside [Frown]

HTH,
Tom

(in reply to face_offir)
Post #: 21
RE: ISA2004 and Active Directory - 21.Jul.2004 12:41:00 PM   
panikovski

 

Posts: 25
Joined: 26.Jun.2004
Status: offline
quote:
Originally posted by tshinder:
Hi panikovski,

Unfortunately, that provides a perfect setup for the next Internet worm to attack the ISA firewall from the inside [Frown]

HTH,
Tom
Hi Tom!
Then may be opening just some "must be opened" protocol at the FW rule for from "Internal Network" to "Local Host Network", not all, for providing domain clients to logon to the DC?
Or mistake is generally at the creating any allow rule from internal network to Local host???

(in reply to face_offir)
Post #: 22
RE: ISA2004 and Active Directory - 21.Jul.2004 4:04:00 PM   
panikovski

 

Posts: 25
Joined: 26.Jun.2004
Status: offline
quote:
Originally posted by tshinder:
Hi panikovski,

to attack the ISA firewall from the inside [Frown]

HTH,
Tom
Hi Tom!
Can you please explain a little bit more, what meaning of "attack from inside"?
I created "Allow All" rule only from "Internal Network" to the "Local Host Network". Is this configuration open ISA machine for access from public internet? Or you mean that internal users can attack Isa machine?

(in reply to face_offir)
Post #: 23
RE: ISA2004 and Active Directory - 21.Jul.2004 4:24:00 PM   
Hercules

 

Posts: 19
Joined: 15.Jan.2003
Status: offline 		Does the allow all rule from the internal network to the local host work in letting clients access the domain? This is the problem I am having -- I can't get an IP address from DHCP nor can I authenticate to my domain.

Thanks!

(in reply to face_offir)
Post #: 24
RE: ISA2004 and Active Directory - 21.Jul.2004 5:08:00 PM   
panikovski

 

Posts: 25
Joined: 26.Jun.2004
Status: offline
quote:
Originally posted by Hercules:
Does the allow all rule from the internal network to the local host work in letting clients access the domain? This is the problem I am having -- I can't get an IP address from DHCP nor can I authenticate to my domain.

Thanks!
Yes, exactly. The 'allow all' rule from internal to the local host fully letting domains clients access DC.
But i am not sure, is this configuration secure?!
Well, waiting for Tom answer.

(in reply to face_offir)
Post #: 25

Page:   <<   < prev  1 [2] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 General ] >> Installation >> RE: ISA2004 and Active Directory Page: <<   < prev  1 [2]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts