• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

How do I restrict access with the FWC

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> Firewall Client >> How do I restrict access with the FWC Page: [1]
Login
Message << Older Topic   Newer Topic >>
How do I restrict access with the FWC - 19.Jan.2006 8:07:35 PM   
DBornack

 

Posts: 67
Joined: 8.Jan.2004
From: Chicago, IL
Status: offline
Seems that I'm allowed to do ANYTHING when I have the firewall client installed on my computer.  Do I need to edit the server-side FWC application settings??
Post #: 1
RE: How do I restrict access with the FWC - 19.Jan.2006 8:41:15 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi D,

What exactly are you trying to accomplish?

Thanks!
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to DBornack)
Post #: 2
RE: How do I restrict access with the FWC - 19.Jan.2006 9:31:26 PM   
DBornack

 

Posts: 67
Joined: 8.Jan.2004
From: Chicago, IL
Status: offline
Well, I have a handful of FTP users here that need FTP upload capability, which also isn't working at the moment and I can't figure out why, so I was about to start a thread on that..

Anyways..   I just want to add the FTP upload capability to these users without allowing them to do anything else aside from HTTP, and HTTPS.  I am testing on my box with the FWC client right now, and I am able to stream, IM, etc.. 

Thanks for your quick response Tom, and please look for my FTP thread here --- http://forums.isaserver.org/m_2002004184/mpage_1/key_/tm.htm#2002004184

(in reply to tshinder)
Post #: 3
RE: How do I restrict access with the FWC - 19.Jan.2006 10:18:21 PM   
LLigetfa

 

Posts: 2187
Joined: 10.Aug.2004
From: fort frances.on.ca
Status: offline
Just to be clear on the title of this topic, you do NOT restrict access with the FWC, you restrict access at the ISA server with rules.  The FWC is just along for the ride.

It is a matter of ordering rules properly, not allowing unlimited access on the first rule.  I have dozens of rules, some anonymous and most requiring authentication that allows me to have the granularity of access you are looking for.

_____________________________

The School of Hard Knocks is a mean teacher. She gives the exam before the lesson.

(in reply to DBornack)
Post #: 4
RE: How do I restrict access with the FWC - 19.Jan.2006 11:25:10 PM   
DBornack

 

Posts: 67
Joined: 8.Jan.2004
From: Chicago, IL
Status: offline
So basically a Deny all but FTP, HTTP, HTTPS rule above the other access rules is needed? 

Thanks, I will play around with some rules.

Just to be clear on my end, I already have rules in place that restrict, and give me the access I desire for my users to have, and this works fine with WP clients, just not with FWC..  

(in reply to LLigetfa)
Post #: 5
RE: How do I restrict access with the FWC - 19.Jan.2006 11:32:02 PM   
DBornack

 

Posts: 67
Joined: 8.Jan.2004
From: Chicago, IL
Status: offline
Very cool..  it worked just as I described it above..   ISA is fun!! :)

I made a Deny all but the selected protocols rule..   awesome!

Thanks!!!  Now if I can just figure out my FTP problems..    

(in reply to DBornack)
Post #: 6
RE: How do I restrict access with the FWC - 20.Jan.2006 5:23:59 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi D,

Instead of creating a Deny rule, create an allow rule.

If you have a group of users, for example, LUSERS, and you want to allow them access only to the HTTP, HTTPS and FTP protocols, then just create a rule that applies to that domain global group that allows them access to those protocols, and then don't create any other allow rules that apply to that group that would extend their access through the ISA firewall.

HTH,
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to DBornack)
Post #: 7
RE: How do I restrict access with the FWC - 20.Jan.2006 7:26:43 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi D,

another article you might be interested in: http://www.isaserver.org/articles/ISA2004_AccessRules.html.

HTH,
Stefaan

(in reply to tshinder)
Post #: 8
RE: How do I restrict access with the FWC - 20.Jan.2006 8:23:56 PM   
DBornack

 

Posts: 67
Joined: 8.Jan.2004
From: Chicago, IL
Status: offline
Thanks for the help!

(in reply to spouseele)
Post #: 9
RE: How do I restrict access with the FWC - 21.Jan.2006 3:54:58 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi D,

Let us know how it works out for you!

Thanks!
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to DBornack)
Post #: 10

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> Firewall Client >> How do I restrict access with the FWC Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts