Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS |
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
ISA and Internet Access win2003
Users viewing this topic:
none
Logged in as: Guest
Login
ISA and Internet Access win2003 - 16.May2006 11:39:24 AM
zillah
Posts: 11
Joined: 15.May2006
Status: offline
I have installed ISA (for testing purpose in the Lab) 2004 on windows 2003 SP1 Desktop (with two NICs). It is obvoius that I can not access the net after installing ISA (before there was no problem), since there is firewall which is by default denies every thing. The server by itself, there is no clients,,,, What I did, I created another rule to enable the server to access the net, but it did not work!!! i could not figured out where was my mistake. Thanks
< Message edited by zillah -- 16.May2006 11:43:44 AM >
RE: ISA and Internet Access win2003 - 16.May2006 12:49:40 PM
elmajdal
Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
is ur rule something like this ?? if not , then create this rule. Allow > All Outbound Protocols > From LOCALHOST > To External > All Users
_____________________________ Tarek Majdalani Windows Expert - IT Pro MVP Facebook : https://www.facebook.com/ElMajdal.Net
RE: ISA and Internet Access win2003 - 17.May2006 8:54:00 AM
zillah
Posts: 11
Joined: 15.May2006
Status: offline
quote: Allow > All Outbound Protocols > From LOCALHOST > To External > All Users This is what I had already Allow > All Outbound Traffic > From All Networks (and Local Host ) > To External > All Users I tried yours as well,,,it did not work
RE: ISA and Internet Access win2003 - 17.May2006 11:12:20 AM
elmajdal
Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
did u set the proxy ?? for example , if ur ISA internal ip is 10.10.10.1 then set ur proxy to : 10.10.10.1 port 8080 HTH
_____________________________ Tarek Majdalani Windows Expert - IT Pro MVP Facebook : https://www.facebook.com/ElMajdal.Net
RE: ISA and Internet Access win2003 - 17.May2006 11:27:14 AM
zillah
Posts: 11
Joined: 15.May2006
Status: offline
quote: did u set the proxy ?? No. quote: for example , if ur ISA internal ip is 10.10.10.1 With ISA sever only one NIC has been used to connect to net, the other NIC is unplugged. The PC has been assigned public ip address. quote: then set ur proxy to : 10.10.10.1 port 8080 Do you mean I have to set this proxy, within Browser ? before ISA installation , I have not been using proxy
RE: ISA and Internet Access win2003 - 17.May2006 12:01:21 PM
elmajdal
Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
how did u configure ur NIC ?? Default gateway , dns ??
_____________________________ Tarek Majdalani Windows Expert - IT Pro MVP Facebook : https://www.facebook.com/ElMajdal.Net
RE: ISA and Internet Access win2003 - 17.May2006 12:04:29 PM
zillah
Posts: 11
Joined: 15.May2006
Status: offline
quote: how did u configure ur NIC ?? Default gateway , dns ?? Yes, Dynamic ip address.
RE: ISA and Internet Access win2003 - 17.May2006 12:07:54 PM
elmajdal
Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
quote: Yes, Dynamic ip address. so u have a router infront of ISA server ?? have u configured a rule to allow dhcp request and reply from and to ISA server?
< Message edited by elmajdal -- 17.May2006 12:09:18 PM >
_____________________________ Tarek Majdalani Windows Expert - IT Pro MVP Facebook : https://www.facebook.com/ElMajdal.Net
RE: ISA and Internet Access win2003 - 17.May2006 12:13:32 PM
zillah
Posts: 11
Joined: 15.May2006
Status: offline
quote: so u have a router infront of ISA server ?? Yes, since I am doing this test at work. be aware i am doing this test on production environment, it is in the LAb. quote: have u configured a rule to allow dhcp request and reply from and to ISA server? What should I configure to allow dhcp request and reply?,,,this is what I meant by : quote: i could not figured out where was my mistake.
RE: ISA and Internet Access win2003 - 17.May2006 12:20:05 PM
elmajdal
Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
if your router is acting as a DHCP server , then create a new ComputerSet and add in this set the IP of your router. then, create a new rule Allow > DHCP ( Request) & DHCP ( Reply) > from LocalHost and ComputerSet > To Localhost and ComputerSet. one thing, does your router has a public ip also ?? or it has 2 nics, one public and one private ?
_____________________________ Tarek Majdalani Windows Expert - IT Pro MVP Facebook : https://www.facebook.com/ElMajdal.Net
RE: ISA and Internet Access win2003 - 20.May2006 9:39:18 AM
zillah
Posts: 11
Joined: 15.May2006
Status: offline
quote: then create a new ComputerSet and add in this set the IP of your router. I did not get this, could you please explain ? Thanks
RE: ISA and Internet Access win2003 - 20.May2006 3:11:04 PM
LLigetfa
Posts: 2187
Joined: 10.Aug.2004
From: fort frances.on.ca
Status: offline
quote: With ISA sever only one NIC has been used to connect to net, the other NIC is unplugged. If the other NIC is unplugged, then you don't really have a firewall. Should the rule then not be localhost to internal?
_____________________________ The School of Hard Knocks is a mean teacher. She gives the exam before the lesson.
RE: ISA and Internet Access win2003 - 20.May2006 4:57:55 PM
zillah
Posts: 11
Joined: 15.May2006
Status: offline
quote: If the other NIC is unplugged, then you don't really have a firewall. Should the rule then not be localhost to internal? Then what should I configure ?
RE: ISA and Internet Access win2003 - 21.May2006 5:41:28 PM
zillah
Posts: 11
Joined: 15.May2006
Status: offline
What I did I made slight change to the rule It was: Allow > All Outbound Traffic > From All Networks (and Local Host) > To External > All Users The new one is : Allow > All Outbound Traffic > Local Host > To External and Local Host > All Users Now it is working. Do you thing the rule should be like what I have configured ?
RE: ISA and Internet Access win2003 - 23.May2006 10:46:24 PM
zillah
Posts: 11
Joined: 15.May2006
Status: offline
I get confused, the ISA server was able to get the ip address from DHCP server while it had this firewall rule configuration http://img239.imageshack.us/img239/940/firstone3ld.jpg It was : Allow-->All outbound-->Local Host-->External and Local Host-->All Users Today I could not find that ISA server was able to get ip address from DHCP server, therefore I change the configuration for the firewall to the below and it worked. Allow-->All outbound-->Internal and Local Host-->External-->All Users http://img127.imageshack.us/img127/8971/secondone0cc.jpg I just configured the internal network to satisfy my LAN range ip addresses (public ip not private one), but I left loacl host and External as it is (default configuration)
New Messages
No New Messages
Hot Topic w/ New Messages
Hot Topic w/o New Messages
Locked w/ New Messages
Locked w/o New Messages
Post New Thread Reply to Message Post New Poll Submit Vote Delete My Own Post Delete My Own Thread Rate Posts