ISA and SOCKS (Full Version)

All Forums >> [ISA 2006 Web Proxy] >> Unihomed



Message


rafael2gc -> ISA and SOCKS (22.Aug.2007 10:39:06 AM)

Hi,
I would like to kwon if ISA 2006 works as a SOCKS gateway ?
If  i active the Socks4 filter, and configure it to listen on localhost/internal networks and them create on rule allowing the internal network to acess the external networks via SOCKS protocol it means that:
1) ISA server will receive the client resquest via SOCKS, conect the destination on behalf of the client and them return to the client, acting as real socks PROXY

2) ISA server will just allow the socks packet pass through to reach a external socks server.

Wich one is right ?

Sds,
Rafael




spouseele -> RE: ISA and SOCKS (22.Aug.2007 2:20:45 PM)

Hi Rafael ,

what are you really trying to accomplish? Normally you don't gain any benefit in using ISA as a SOCKS proxy server.

HTH,
Stefaan




rafael2gc -> RE: ISA and SOCKS (22.Aug.2007 2:42:32 PM)

Hi Stefaan,
The problem is that i'm doing a migration from Novell Border Manager to ISA 2006 and the Border manager works as a Socks proxy server, them the client want keep this functionality.

ISA works as a Socks proxy server ? Couse i've tried and it doesnt work.
I build one in a lab with ubuntu and SS5 Socks Server and it works just fine.

Sds,
Rafael




spouseele -> RE: ISA and SOCKS (22.Aug.2007 3:57:09 PM)

Hi Rafael,

I never tried it but I believe ISA can work as a Socks V4 proxy by binding the Socks filter to the ISA internal interface. However, no authentication is possible because only Socks V4 is supported.

BTW --- in the ISA world you should use the Firewall client instead of a Socks client. [:D]

HTH,
Stefaan




rafael2gc -> RE: ISA and SOCKS (23.Aug.2007 9:08:05 AM)

Hi Stefaan,

There are any docs explain how it works, couse the ISA help is limited to tell how to enable de add-in (what a shame).There's not too much to configure, just enable the add-in and choose in wich interface isa will listem for Socks.
I did it, and them create one rule, allowing internal to external using socks protocol and it doenst work.
There are anything more to configure or what ?

Thanks
Rafaelgc




spouseele -> RE: ISA and SOCKS (23.Aug.2007 2:23:46 PM)

Hi Rafael,

hmm... that's not the way I think it works!

By enabling the Socks filter on the ISA internal interface, a listener is created on TCP port 1080. You can verify that with the command fwengmon /C. At that point Socks v4 requests will be accepted on the ISA internal interface. So, you don't need to create an allow rule for the Socks protocol/listener itself.

Of course you should create the necessary access rules for the source, destinations and protocols the client will request through the Socks protocol.

HTH,
Stefaan




Page: [1]