• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

block messenger protocol, but block all

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 General ] >> General >> block messenger protocol, but block all Page: [1]
Login
Message << Older Topic   Newer Topic >>
block messenger protocol, but block all - 14.Aug.2007 5:23:31 PM   
guilledelta

 

Posts: 101
Joined: 3.Jun.2001
From: Buenos Aires, Argentina
Status: offline
Hi,
I have an ISA 2004 set with the defaul rule to allow all.
Now I try to block messenger with a new rule that deny messenger protocol, and this rule is applyed to a group of users.
When Apply the new rule, nobody (the group of users and anothers) can't browse internet.

..What i'm doing wrong?
Thank You.
Guille

< Message edited by guilledelta -- 14.Aug.2007 5:28:04 PM >
Post #: 1
RE: block messenger protocol, but block all - 14.Aug.2007 8:09:16 PM   
elmajdal

 

Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
quote:

Hi,
I have an ISA 2004 set with the defaul rule to allow all.


Correction, the Default rule is Deny From ALL Networks to ALL Networks, not Allow All.

quote:

Now I try to block messenger with a new rule that deny messenger protocol, and this rule is applyed to a group of users.
When Apply the new rule, nobody (the group of users and anothers) can't browse internet.

..What i'm doing wrong?
Thank You.
Guille


Check this : http://www.isaserver.org/tutorials/ISA-Firewall-Quick-Tip-Blocking-MSN-Messenger-Access-Enabling-Access-Some-Users.html

HTH,
Tarek

_____________________________

Tarek Majdalani

Windows Expert - IT Pro MVP
Facebook : https://www.facebook.com/ElMajdal.Net

(in reply to guilledelta)
Post #: 2
RE: block messenger protocol, but block all - 15.Aug.2007 7:10:45 AM   
guilledelta

 

Posts: 101
Joined: 3.Jun.2001
From: Buenos Aires, Argentina
Status: offline
Tarek:
Thank you for your answer!
When I say: "I have an ISA 2004 set with the defaul rule to allow all." I mean that I run the wizard and I allow all trafic between networks.

I know the document that you give me, but, why create a rule that deny trafic to the protocol messenger for some users block web traffic for all users?

Thank you again!
Guille

(in reply to elmajdal)
Post #: 3
RE: block messenger protocol, but block all - 15.Aug.2007 7:29:34 AM   
elmajdal

 

Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
do u have a snapshot of your rules ?

Have u tried blocking messenger using Signature ??

_____________________________

Tarek Majdalani

Windows Expert - IT Pro MVP
Facebook : https://www.facebook.com/ElMajdal.Net

(in reply to guilledelta)
Post #: 4
RE: block messenger protocol, but block all - 15.Aug.2007 9:02:40 AM   
guilledelta

 

Posts: 101
Joined: 3.Jun.2001
From: Buenos Aires, Argentina
Status: offline
Tarek:

Here you are the rulez:

http://picasaweb.google.com/guillemartin/Tecnico/photo#5098910833183465170

When I try to blocking messenger using Signature, when i just create the rule allow http and https and  apply this rule (without config signature) The users can't browse internet.

Some ideas?!?!?!
Thank you.!
Guille

< Message edited by guilledelta -- 15.Aug.2007 9:05:38 AM >

(in reply to elmajdal)
Post #: 5
RE: block messenger protocol, but block all - 17.Aug.2007 8:29:31 AM   
guilledelta

 

Posts: 101
Joined: 3.Jun.2001
From: Buenos Aires, Argentina
Status: offline
Hi!
Did you see the Snapshot?
Thank You!!
Guille.

< Message edited by guilledelta -- 4.Sep.2007 7:49:02 AM >

(in reply to guilledelta)
Post #: 6
RE: block messenger protocol, but block all - 5.Sep.2007 2:42:38 PM   
elmajdal

 

Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
Hi,

i checked the Snapshot, but let me translate it :


  1. Allow > Ftp > From All Networks > To All Networks > All Users
  2. Allow > All Protocols > From VPN & Internal > To External & LocalHost & Internal > All Users
  3. Allow > All Protocols > From VPN Clients > To Internal > All Users
  4. Publish RDP > From External & Internal & LocalHost > To 192.168.1.5
  5. Allow > RA > From Internal > To Internal  & LocalHost > All Users


Did i translate your rules correctly ?



_____________________________

Tarek Majdalani

Windows Expert - IT Pro MVP
Facebook : https://www.facebook.com/ElMajdal.Net

(in reply to guilledelta)
Post #: 7
RE: block messenger protocol, but block all - 5.Sep.2007 4:21:38 PM   
guilledelta

 

Posts: 101
Joined: 3.Jun.2001
From: Buenos Aires, Argentina
Status: offline
Yes, This is right!!!!

Thank you!
Guille

(in reply to elmajdal)
Post #: 8
RE: block messenger protocol, but block all - 5.Sep.2007 4:58:10 PM   
elmajdal

 

Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
You should redefine you rules !!

quote:

Allow > Ftp > From All Networks > To All Networks > All Users

Why this FTP From all network to all network !!

narrow your Source & Destination, from where to where you want to allow FTP ??

quote:

Allow > All Protocols > From VPN & Internal > To External & LocalHost & Internal > All Users

What is this rule for ?!?!
is it for outbound ?
it should be
Allow >Protocols > From Internal > To External > Users
on this rule you define the signature for msn



quote:

Allow > All Protocols > From VPN Clients > To Internal > All Users

Ok This rule to allow VPN Clients to access Internal Resources

quote:

Publish RDP > From External & Internal & LocalHost > To 192.168.1.5

Ok you want to publish an RDP Server, why you include Internal & LocalHost ?

quote:

Allow > RA > From Internal > To Internal  & LocalHost > All Users


What is this rule for ?

_____________________________

Tarek Majdalani

Windows Expert - IT Pro MVP
Facebook : https://www.facebook.com/ElMajdal.Net

(in reply to guilledelta)
Post #: 9

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 General ] >> General >> block messenger protocol, but block all Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts