• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

ISA and Internet Access win2003

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> General >> ISA and Internet Access win2003 Page: [1]
Login
Message << Older Topic   Newer Topic >>
ISA and Internet Access win2003 - 16.May2006 11:39:24 AM   
zillah

 

Posts: 11
Joined: 15.May2006
Status: offline
I have installed ISA (for testing purpose in the Lab) 2004 on windows 2003 SP1 Desktop (with two NICs).

It is obvoius that I can not access the net after installing ISA (before there was no problem), since there is firewall which is by default denies every thing.

The server by itself, there is no clients,,,,

What I did, I created another rule to enable the server to access the net, but it did not work!!!

i could not figured out where was my mistake.

Thanks

< Message edited by zillah -- 16.May2006 11:43:44 AM >
Post #: 1
RE: ISA and Internet Access win2003 - 16.May2006 12:49:40 PM   
elmajdal

 

Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
 
is ur rule something like this ?? if not , then create this rule.

Allow > All Outbound Protocols > From LOCALHOST > To External > All Users

_____________________________

Tarek Majdalani

Windows Expert - IT Pro MVP
Facebook : https://www.facebook.com/ElMajdal.Net

(in reply to zillah)
Post #: 2
RE: ISA and Internet Access win2003 - 17.May2006 8:54:00 AM   
zillah

 

Posts: 11
Joined: 15.May2006
Status: offline
quote:

Allow > All Outbound Protocols > From LOCALHOST > To External > All Users

This is what I had already
Allow > All Outbound Traffic > From All Networks (and Local Host) > To External > All Users

I tried yours as well,,,it did not work



(in reply to elmajdal)
Post #: 3
RE: ISA and Internet Access win2003 - 17.May2006 11:12:20 AM   
elmajdal

 

Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
did u set the proxy ??

for example , if ur ISA internal ip is 10.10.10.1

then set ur proxy to : 10.10.10.1 port 8080

HTH

_____________________________

Tarek Majdalani

Windows Expert - IT Pro MVP
Facebook : https://www.facebook.com/ElMajdal.Net

(in reply to zillah)
Post #: 4
RE: ISA and Internet Access win2003 - 17.May2006 11:27:14 AM   
zillah

 

Posts: 11
Joined: 15.May2006
Status: offline
quote:

did u set the proxy ??

No.

quote:

for example , if ur ISA internal ip is 10.10.10.1

With ISA sever only one NIC has been used to connect to net, the other NIC is unplugged.

The PC has been assigned public ip address.


quote:

then set ur proxy to : 10.10.10.1 port 8080

Do you mean I have to set this proxy, within Browser ? before ISA installation , I have not been using proxy


(in reply to elmajdal)
Post #: 5
RE: ISA and Internet Access win2003 - 17.May2006 12:01:21 PM   
elmajdal

 

Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
how did u configure ur NIC ?? Default gateway , dns ??

_____________________________

Tarek Majdalani

Windows Expert - IT Pro MVP
Facebook : https://www.facebook.com/ElMajdal.Net

(in reply to zillah)
Post #: 6
RE: ISA and Internet Access win2003 - 17.May2006 12:04:29 PM   
zillah

 

Posts: 11
Joined: 15.May2006
Status: offline
quote:

how did u configure ur NIC ?? Default gateway , dns ??

Yes, Dynamic ip address.

(in reply to elmajdal)
Post #: 7
RE: ISA and Internet Access win2003 - 17.May2006 12:07:54 PM   
elmajdal

 

Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
quote:

Yes, Dynamic ip address.


so u have a router infront of ISA server ?? have u configured a rule to allow dhcp request and reply from and to ISA server?

< Message edited by elmajdal -- 17.May2006 12:09:18 PM >


_____________________________

Tarek Majdalani

Windows Expert - IT Pro MVP
Facebook : https://www.facebook.com/ElMajdal.Net

(in reply to zillah)
Post #: 8
RE: ISA and Internet Access win2003 - 17.May2006 12:13:32 PM   
zillah

 

Posts: 11
Joined: 15.May2006
Status: offline
quote:

so u have a router infront of ISA server ??

Yes, since I am doing this test at work. be aware i am doing this test on production environment, it is in the LAb.


quote:

have u configured a rule to allow dhcp request and reply from and to ISA server?

What should I configure to allow dhcp request and reply?,,,this is what I meant by :
quote:

i could not figured out where was my mistake.

(in reply to elmajdal)
Post #: 9
RE: ISA and Internet Access win2003 - 17.May2006 12:20:05 PM   
elmajdal

 

Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
if your router is acting as a DHCP server , then create a new ComputerSet and add in this set the IP of your router.

then, create a new rule

Allow > DHCP ( Request) & DHCP ( Reply) > from LocalHost and ComputerSet > To Localhost and ComputerSet.


one thing, does your router has a public ip also ?? or it has 2 nics, one public and one private ?

_____________________________

Tarek Majdalani

Windows Expert - IT Pro MVP
Facebook : https://www.facebook.com/ElMajdal.Net

(in reply to zillah)
Post #: 10
RE: ISA and Internet Access win2003 - 20.May2006 9:39:18 AM   
zillah

 

Posts: 11
Joined: 15.May2006
Status: offline
quote:

then create a new ComputerSet and add in this set the IP of your router.

I did not get this, could you please explain ? Thanks

(in reply to elmajdal)
Post #: 11
RE: ISA and Internet Access win2003 - 20.May2006 3:11:04 PM   
LLigetfa

 

Posts: 2187
Joined: 10.Aug.2004
From: fort frances.on.ca
Status: offline
quote:

With ISA sever only one NIC has been used to connect to net, the other NIC is unplugged.

If the other NIC is unplugged, then you don't really have a firewall.
Should the rule then not be localhost to internal?

_____________________________

The School of Hard Knocks is a mean teacher. She gives the exam before the lesson.

(in reply to zillah)
Post #: 12
RE: ISA and Internet Access win2003 - 20.May2006 4:57:55 PM   
zillah

 

Posts: 11
Joined: 15.May2006
Status: offline
quote:

If the other NIC is unplugged, then you don't really have a firewall.
Should the rule then not be localhost to internal?

Then what should I configure ?


(in reply to LLigetfa)
Post #: 13
RE: ISA and Internet Access win2003 - 21.May2006 5:41:28 PM   
zillah

 

Posts: 11
Joined: 15.May2006
Status: offline
What I did I made slight change to the rule

It was:
Allow > All Outbound Traffic > From All Networks (and Local Host) > To External > All Users

The new one is :
Allow > All Outbound Traffic > Local Host > To External and Local Host > All Users

Now it is working.

Do you thing the rule should be like what I have configured ?

(in reply to zillah)
Post #: 14
RE: ISA and Internet Access win2003 - 23.May2006 10:46:24 PM   
zillah

 

Posts: 11
Joined: 15.May2006
Status: offline
I get confused, the ISA server was able to get the ip address from DHCP server while it had this firewall rule configuration

http://img239.imageshack.us/img239/940/firstone3ld.jpg

It was :

Allow-->All outbound-->Local Host-->External and Local Host-->All Users



Today I could not find that ISA server was able to get ip address from DHCP server, therefore I change the configuration for the firewall to the below and it worked.

Allow-->All outbound-->Internal and Local Host-->External-->All Users

http://img127.imageshack.us/img127/8971/secondone0cc.jpg

I just configured the internal network to satisfy my LAN range ip addresses (public ip not private one), but I left loacl host and External as it is (default configuration)


(in reply to zillah)
Post #: 15

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> General >> ISA and Internet Access win2003 Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts