• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

I CANNOT be the only person needing this...

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> Access Policies >> I CANNOT be the only person needing this... Page: [1]
Login
Message << Older Topic   Newer Topic >>
I CANNOT be the only person needing this... - 30.Jan.2006 7:26:44 PM   
sm00ter

 

Posts: 21
Joined: 19.Jan.2005
From: Ohio
Status: offline
Ok, I have searched and searched but had not luck on this one.  I am sure it is a "search terms" issue, and it is here somewhere but I haven't found it and I am tired of looking!

I have an ISA 2004 Server.  It runs Websense Enterprise 5.5.2.  It has the Logserver, RTA, and Explorer components installed locally on it.

I want to move them to another server (because I couldn't get any info on accessing a website LOCALLY installed ON THE ISA Server), and I know I need ports 55805-55868 open between the ISA/Websense server to be able to pull the log information from Websense for the reports/Real Time Analyzer.

I have a rule that is configured as such:

Name: Websense Ports
Action: Allow
Protocols: Websense (consists of ports TCP 55805-5586 no filters selected)
From: Reporting Server (IP Address added)
To: Local Host and Proxy Server (same machine/info, just grasping for straws!)
Condition: All Users

I see in the Monitor that the traffic is beind dropped due to "Unidentified IP Traffic" "Denied Connection" no Rule info

Can someone give me the answer to opening up a port to connect directly TO THE ISA Server!  Jeesh!

Thanks,

sm00ter
Post #: 1
RE: I CANNOT be the only person needing this... - 30.Jan.2006 7:52:04 PM   
jbarsodi

 

Posts: 114
Joined: 10.Aug.2001
From: Sparks, NV
Status: offline
Hi Sm00ter,

Change your "To:" to LocalHost only.

Where is this rule in your list of rules?  are there any specific deny rules above this rule?

Can you verify the protocol you created? "ports TCP 55805-5586"  I assume that was just a typo on the post.

(in reply to sm00ter)
Post #: 2
RE: I CANNOT be the only person needing this... - 30.Jan.2006 8:26:42 PM   
sm00ter

 

Posts: 21
Joined: 19.Jan.2005
From: Ohio
Status: offline
jbarsodi,

Thanks for the reply, I made the change you suggested with no success.

Your correct though, it was a typo, it should be
55805-55868

It is the first rule in the rulebase as well.

Thanks for your help!

sm00ter

(in reply to jbarsodi)
Post #: 3
RE: I CANNOT be the only person needing this... - 30.Jan.2006 11:46:39 PM   
jbarsodi

 

Posts: 114
Joined: 10.Aug.2001
From: Sparks, NV
Status: offline
Hi Sm00ter,
Can you tell me what your protocol definition looks like?



-John

< Message edited by jbarsodi -- 31.Jan.2006 1:34:02 AM >

(in reply to sm00ter)
Post #: 4
RE: I CANNOT be the only person needing this... - 31.Jan.2006 3:01:49 AM   
sm00ter

 

Posts: 21
Joined: 19.Jan.2005
From: Ohio
Status: offline
jbarsodi,

I am not sure what you are asking for, but I have my rule exported and its contents are in the body of this post.

Again, thanks for your help!

<?xml version="1.0" encoding="UTF-8"?>
<fpc4:Root xmlns:fpc4="http://schemas.microsoft.com/isa/config-4" xmlns:dt="urn:schemas-microsoft-com:datatypes" StorageName="FPC" StorageType="0">
    <fpc4:Build dt:dt="string">4.0.2161.50</fpc4:Build>
    <fpc4:Comment dt:dt="string"/>
    <fpc4:Edition dt:dt="int">80</fpc4:Edition>
    <fpc4:ExportItemClassCLSID dt:dt="string">{59740B3A-8771-492C-AF59-7764F4F939EF}</fpc4:ExportItemClassCLSID>
    <fpc4:ExportItemStorageName dt:dt="string">{EBDB04EE-0073-4281-A834-25607FC5EB60}</fpc4:ExportItemStorageName>
    <fpc4:IsaXmlVersion dt:dt="string">1.0</fpc4:IsaXmlVersion>
    <fpc4:OptionalData dt:dt="int">4</fpc4:OptionalData>
    <fpc4:Upgrade dt:dt="boolean">0</fpc4:Upgrade>
    <fpc4:Arrays StorageName="Arrays" StorageType="0">
        <fpc4:Array StorageName="{212E339A-F188-42DD-8BC9-398CAC94098A}" StorageType="0">
            <fpc4:Components dt:dt="int">-1</fpc4:Components>
            <fpc4:Name dt:dt="string"/>
            <fpc4:ArrayPolicy StorageName="ArrayPolicy" StorageType="0">
                <fpc4:Name dt:dt="string"/>
                <fpc4:PolicyRules StorageName="PolicyRules" StorageType="0">
                    <fpc4:PolicyRule StorageName="{EBDB04EE-0073-4281-A834-25607FC5EB60}" StorageType="1">
                        <fpc4:Enabled dt:dt="boolean">1</fpc4:Enabled>
                        <fpc4:Name dt:dt="string">Websense Ports</fpc4:Name>
                        <fpc4:Order dt:dt="bin.hex">0dfcffff01000000b0211243c325c601</fpc4:Order>
                        <fpc4:SelectionIPs StorageName="SourceSelectionIPs" StorageType="1">
                            <fpc4:Refs StorageName="Networks" StorageType="1"/>
                            <fpc4:Refs StorageName="NetworkSets" StorageType="1"/>
                            <fpc4:Refs StorageName="Computers" StorageType="1">
                                <fpc4:Ref StorageName="{B2F1F6EF-2539-4AE5-A4E8-870162EDE6A8}" StorageType="1">
                                    <fpc4:Name dt:dt="string">{B67CC326-9257-4600-9D99-0665D483D950}</fpc4:Name>
                                    <fpc4:RefClass dt:dt="string">msFPCComputer</fpc4:RefClass>
                                </fpc4:Ref>
                            </fpc4:Refs>
                            <fpc4:Refs StorageName="AddressRanges" StorageType="1"/>
                            <fpc4:Refs StorageName="Subnets" StorageType="1"/>
                            <fpc4:Refs StorageName="ComputerSets" StorageType="1"/>
                        </fpc4:SelectionIPs>
                        <fpc4:Ref StorageName="ScheduleUsed" StorageType="1"/>
                        <fpc4:AccessProperties StorageName="AccessProperties" StorageType="1">
                            <fpc4:ProtocolSelectionMethod dt:dt="int">1</fpc4:ProtocolSelectionMethod>
                            <fpc4:SelectionIPs StorageName="DestinationSelectionIPs" StorageType="1">
                                <fpc4:Refs StorageName="Networks" StorageType="1">
                                    <fpc4:Ref StorageName="{6741390F-5F13-4B3C-B71F-ED0F5FB16F6F}" StorageType="1">
                                        <fpc4:Name dt:dt="string">{5ED77DCE-8110-4821-B445-008B7E6B7F6D}</fpc4:Name>
                                        <fpc4:RefClass dt:dt="string">msFPCNetwork</fpc4:RefClass>
                                    </fpc4:Ref>
                                </fpc4:Refs>
                                <fpc4:Refs StorageName="NetworkSets" StorageType="1"/>
                                <fpc4:Refs StorageName="Computers" StorageType="1"/>
                                <fpc4:Refs StorageName="AddressRanges" StorageType="1"/>
                                <fpc4:Refs StorageName="Subnets" StorageType="1"/>
                                <fpc4:Refs StorageName="ComputerSets" StorageType="1"/>
                            </fpc4:SelectionIPs>
                            <fpc4:Refs StorageName="DestinationDomainNameSets" StorageType="1"/>
                            <fpc4:Refs StorageName="ProtocolsUsed" StorageType="1">
                                <fpc4:Ref StorageName="{DA405F79-0392-413D-B1B0-92408AD6C3BF}" StorageType="1">
                                    <fpc4:Name dt:dt="string">{B4351F44-A54A-4E05-9BAE-E1EE5AD12090}</fpc4:Name>
                                    <fpc4:RefClass dt:dt="string">msFPCProtocol</fpc4:RefClass>
                                </fpc4:Ref>
                            </fpc4:Refs>
                            <fpc4:Refs StorageName="ContentTypeSetsUsed" StorageType="1"/>
                            <fpc4:Refs StorageName="URLSet" StorageType="1"/>
                            <fpc4:Refs StorageName="UserSets" StorageType="1">
                                <fpc4:Ref StorageName="{74B651FD-D1A4-4FA0-A85A-44D0FA905D33}" StorageType="1">
                                    <fpc4:Name dt:dt="string">{DFFB7833-9365-4184-AABC-7CAFB018A7FA}</fpc4:Name>
                                    <fpc4:RefClass dt:dt="string">msFPCUserSet</fpc4:RefClass>
                                </fpc4:Ref>
                            </fpc4:Refs>
                        </fpc4:AccessProperties>
                    </fpc4:PolicyRule>
                </fpc4:PolicyRules>
            </fpc4:ArrayPolicy>
            <fpc4:RuleElements StorageName="RuleElements" StorageType="0">
                <fpc4:Computers StorageName="Computers" StorageType="0">
                    <fpc4:Computer StorageName="{B67CC326-9257-4600-9D99-0665D483D950}" StorageType="2">
                        <fpc4:Description dt:dt="string">BR01AS02</fpc4:Description>
                        <fpc4:IPAddress dt:dt="string">172.16.1.72</fpc4:IPAddress>
                        <fpc4:Name dt:dt="string">BR01AS02</fpc4:Name>
                    </fpc4:Computer>
                </fpc4:Computers>
                <fpc4:Protocols StorageName="Protocols" StorageType="0">
                    <fpc4:Protocol StorageName="{B4351F44-A54A-4E05-9BAE-E1EE5AD12090}" StorageType="2">
                        <fpc4:Components dt:dt="int">-5</fpc4:Components>
                        <fpc4:Name dt:dt="string">Websense</fpc4:Name>
                        <fpc4:Predefined dt:dt="boolean">0</fpc4:Predefined>
                        <fpc4:ProtocolCategory dt:dt="int">1</fpc4:ProtocolCategory>
                        <fpc4:ProtocolConnections StorageName="SecondaryConnections" StorageType="2"/>
                        <fpc4:Refs StorageName="ApplicationFilters" StorageType="2"/>
                        <fpc4:ProtocolConnections StorageName="PrimaryConnections" StorageType="2">
                            <fpc4:ProtocolConnection StorageName="{FB91FDBB-C406-4785-B0D7-963B52269B62}" StorageType="2">
                                <fpc4:PortHigh dt:dt="int">55868</fpc4:PortHigh>
                                <fpc4:PortLow dt:dt="int">55805</fpc4:PortLow>
                            </fpc4:ProtocolConnection>
                        </fpc4:ProtocolConnections>
                    </fpc4:Protocol>
                </fpc4:Protocols>
                <fpc4:UserSets StorageName="User-Sets" StorageType="0">
                    <fpc4:UserSet StorageName="{DFFB7833-9365-4184-AABC-7CAFB018A7FA}" StorageType="2">
                        <fpc4:Description dt:dt="string">Predefined user set representing all users. A rule defined using this set will apply to all users, both authenticated and unauthenticated.</fpc4:Description>
                        <fpc4:Name dt:dt="string">All Users</fpc4:Name>
                        <fpc4:Predefined dt:dt="boolean">1</fpc4:Predefined>
                        <fpc4:Accounts StorageName="Access" StorageType="2"/>
                        <fpc4:NonWindowsUsers StorageName="NonWindowsUsers" StorageType="2"/>
                    </fpc4:UserSet>
                </fpc4:UserSets>
            </fpc4:RuleElements>
            <fpc4:NetConfig StorageName="NetConfig" StorageType="0">
                <fpc4:Networks StorageName="Networks" StorageType="0">
                    <fpc4:Network StorageName="{5ED77DCE-8110-4821-B445-008B7E6B7F6D}" StorageType="2">
                        <fpc4:Description dt:dt="string">Built-in network object representing the ISA Server computer.</fpc4:Description>
                        <fpc4:Name dt:dt="string">Local Host</fpc4:Name>
                        <fpc4:NetworkConnectionType dt:dt="int">3</fpc4:NetworkConnectionType>
                        <fpc4:NetworkType dt:dt="int">2</fpc4:NetworkType>
                        <fpc4:WebListenerProperties StorageName="WebListenerProperties" StorageType="2">
                            <fpc4:SSLPort dt:dt="int">0</fpc4:SSLPort>
                            <fpc4:TCPPort dt:dt="int">8080</fpc4:TCPPort>
                            <fpc4:AppliedSSLCertificates StorageName="AppliedSSLCertificates" StorageType="2"/>
                        </fpc4:WebListenerProperties>
                    </fpc4:Network>
                </fpc4:Networks>
            </fpc4:NetConfig>
        </fpc4:Array>
    </fpc4:Arrays>
</fpc4:Root>

sm00ter

(in reply to jbarsodi)
Post #: 5
RE: I CANNOT be the only person needing this... - 31.Jan.2006 3:45:58 PM   
ClintD

 

Posts: 1848
Joined: 26.Jan.2001
From: Keller, TX
Status: offline
He means, what exactly, are the properties of the Web Sense Protocol object that you created? Specifically, did you make it Outbound (required for Access Rules) or Inbound (used for Server Publishing rules)?

(in reply to sm00ter)
Post #: 6

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> Access Policies >> I CANNOT be the only person needing this... Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts