I'm trying to allow the TeamSpeak (client) software to work from behind ISA to connect to externally hosted servers, but unlike most of the other stuff I've done with ISA I can't get this to work.
From the Teamspeak FAQ,
Q: Which ports does the client use?
The TeamSpeak client uses RANDOM ports from the whole 1024-65535 range for source port and sends to port 8767 (UDP) unless indicated otherwise.
I assumed that opening just port 8767 would suffice to allow connections, as surely no-one would write an application that requires 64,000 ports to be opened. Seems I was wrong, opening just 8767 doesn't allow communications.
For situations when I can't work out what is going on and it's driving me mad, I have a 'bulk allow' rule which opens every single port.. which allows me to make certain it is my end causing the problem and not the other end. (Yes, it's a ridiculous security risk - but I only turn it on for 10-15 seconds at a time, once every 6 months or so.)
By doing that I was able to establish a connection to the external TeamSpeak server. Do you folks agree that that makes it sound like to use this application I would need to open all 64,000 ports - or am I missing something? If that is the case, that is unacceptable & TeamSpeak will not be operating on my network.
I am having the same problem with Teamspeak. It worked before I added the latest service Pack to ISA 2004 using unrestricted access from my internal network. Now it does not. I ran a packet sniffer and the monitoring feature on ISA to see what was happening. This is what I see: Random local port sends UDP---> Port 8767 on external Teamspeak server. Teamspeak server responds by sending UDP back to the same port the connection was initiated on locally. It is here that the ISA server marks the incoming packets as unknown traffic and drops them. I tried making some different protocol definitions using only primary, or primary and secondary connections, but none seem to work. The best I can do is to get ISA to recognize the Teamspeak protocol outgoing. It still dumps the return traffic.
More than likely you have two network cards on your ISA machine. I am running teamspeak on my SBS 2003 Premium box and only had to create a publish server rule in ISA for Teamspeak UDP Server 8767. However, you must modify the teamspeak ini file and set BoundToIp1= to the ip address of whatever NIC of the server you are publishing. In my case it was the internal nic of 192.168.16.2. Teamspeak worked just fine then.