• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Access Rules vs. Publishing?

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 General ] >> General >> Access Rules vs. Publishing? Page: [1]
Login
Message << Older Topic   Newer Topic >>
Access Rules vs. Publishing? - 9.Jun.2005 5:56:00 PM   
grinn253

 

Posts: 76
Joined: 12.Jul.2004
From: Seattle
Status: offline
Hello,

I've always thought that Access rules are for Outgoing connections (Internal to external); with Publishing for incoming traffic (external to internal/perimeter). "[Confused]"
Well after reading:
http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/excludingaddressesfromvpn. mspx

It seems they used an access rule to allow incoming connections from external networks! "[Confused]"

I duplicated their scenerio and indeed access rules for incoming connections did work. Can someone help me understand the difference betweek the two? What if publish was used instead of the access rule? "[Frown]"

Thanks,
Edgardo (feeling like such a newbie right now "[Embarrassed]" ) "[Razz]"

[ June 09, 2005, 05:57 PM: Message edited by: grinn253 ]
Post #: 1
RE: Access Rules vs. Publishing? - 9.Jun.2005 10:36:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Edgardo,

Indeed! It is a bit confusing.

If there is a ROUTE relationship between the source and destination Networks, you can create either an Access Rule or a Publishing Rule.

If there is a NAT relationship between the source and destination Network, then you can create Access Rules from the NATed Network to the destination Network, and Publishing Rules from the non-NATed Network to the NATed Network. For example, if you have a NAT relationship between the Default Internal Network and the default External Network, then you create Access rules from Internal to External, and Publishing Rules from External to Internal.

Make sense?

HTH,
Tom

(in reply to grinn253)
Post #: 2
RE: Access Rules vs. Publishing? - 10.Jun.2005 12:14:00 AM   
isawader

 

Posts: 420
Joined: 27.Apr.2005
Status: offline
Tom,

I understood this concept. However, I am not sure the advandage of using a publishing rule rather than an Access Rule or vice versa from a non-NATed Network to NATed Network.

(in reply to grinn253)
Post #: 3
RE: Access Rules vs. Publishing? - 10.Jun.2005 11:45:00 AM   
grinn253

 

Posts: 76
Joined: 12.Jul.2004
From: Seattle
Status: offline
quote:
Originally posted by tshinder:
Make sense?

[Smile] Hmm, well after reading your post, i was reminded of your article regarding publishing Public IPs in a DMZ:
http://www.isaserver.org/articles/2004pubdmzservers.html
And yes now it makes sense again! :Thanks for jogging my memory [Big Grin]

Goodbye!
Edgardo

btw, great ISA Server 2004 book It is an awesome resource with nicely organized information! Makes looking for information so much more appealing.

(in reply to grinn253)
Post #: 4

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 General ] >> General >> Access Rules vs. Publishing? Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts