block messenger protocol, but block all (Full Version)

All Forums >> [ISA Server 2004 General ] >> General



Message


guilledelta -> block messenger protocol, but block all (14.Aug.2007 5:23:31 PM)

Hi,
I have an ISA 2004 set with the defaul rule to allow all.
Now I try to block messenger with a new rule that deny messenger protocol, and this rule is applyed to a group of users.
When Apply the new rule, nobody (the group of users and anothers) can't browse internet.

..What i'm doing wrong?
Thank You.
Guille




elmajdal -> RE: block messenger protocol, but block all (14.Aug.2007 8:09:16 PM)

quote:

Hi,
I have an ISA 2004 set with the defaul rule to allow all.


Correction, the Default rule is Deny From ALL Networks to ALL Networks, not Allow All. [;)]

quote:

Now I try to block messenger with a new rule that deny messenger protocol, and this rule is applyed to a group of users.
When Apply the new rule, nobody (the group of users and anothers) can't browse internet.

..What i'm doing wrong?
Thank You.
Guille


Check this : http://www.isaserver.org/tutorials/ISA-Firewall-Quick-Tip-Blocking-MSN-Messenger-Access-Enabling-Access-Some-Users.html

HTH,
Tarek




guilledelta -> RE: block messenger protocol, but block all (15.Aug.2007 7:10:45 AM)

Tarek:
Thank you for your answer!
When I say: "I have an ISA 2004 set with the defaul rule to allow all." I mean that I run the wizard and I allow all trafic between networks.

I know the document that you give me, but, why create a rule that deny trafic to the protocol messenger for some users block web traffic for all users?

Thank you again!
Guille




elmajdal -> RE: block messenger protocol, but block all (15.Aug.2007 7:29:34 AM)

do u have a snapshot of your rules ?

Have u tried blocking messenger using Signature ??




guilledelta -> RE: block messenger protocol, but block all (15.Aug.2007 9:02:40 AM)

Tarek:

Here you are the rulez:

http://picasaweb.google.com/guillemartin/Tecnico/photo#5098910833183465170

When I try to blocking messenger using Signature, when i just create the rule allow http and https and  apply this rule (without config signature) The users can't browse internet.

Some ideas?!?!?!
Thank you.!
Guille




guilledelta -> RE: block messenger protocol, but block all (17.Aug.2007 8:29:31 AM)

Hi!
Did you see the Snapshot? [:(]
Thank You!!
Guille.




elmajdal -> RE: block messenger protocol, but block all (5.Sep.2007 2:42:38 PM)

Hi,

i checked the Snapshot, but let me translate it :


  1. Allow > Ftp > From All Networks > To All Networks > All Users
  2. Allow > All Protocols > From VPN & Internal > To External & LocalHost & Internal > All Users
  3. Allow > All Protocols > From VPN Clients > To Internal > All Users
  4. Publish RDP > From External & Internal & LocalHost > To 192.168.1.5
  5. Allow > RA > From Internal > To Internal  & LocalHost > All Users


Did i translate your rules correctly ?





guilledelta -> RE: block messenger protocol, but block all (5.Sep.2007 4:21:38 PM)

Yes, This is right!!!!

Thank you!
Guille




elmajdal -> RE: block messenger protocol, but block all (5.Sep.2007 4:58:10 PM)

You should redefine you rules !!

quote:

Allow > Ftp > From All Networks > To All Networks > All Users

Why this FTP From all network to all network !!

narrow your Source & Destination, from where to where you want to allow FTP ??

quote:

Allow > All Protocols > From VPN & Internal > To External & LocalHost & Internal > All Users

What is this rule for ?!?!
is it for outbound ?
it should be
Allow >Protocols > From Internal > To External > Users
on this rule you define the signature for msn



quote:

Allow > All Protocols > From VPN Clients > To Internal > All Users

Ok This rule to allow VPN Clients to access Internal Resources

quote:

Publish RDP > From External & Internal & LocalHost > To 192.168.1.5

Ok you want to publish an RDP Server, why you include Internal & LocalHost ?

quote:

Allow > RA > From Internal > To Internal  & LocalHost > All Users


What is this rule for ?




Page: [1]