• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Allow traceroute/tracert

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> Access Policies >> Allow traceroute/tracert Page: [1]
Login
Message << Older Topic   Newer Topic >>
Allow traceroute/tracert - 22.Sep.2008 11:08:13 AM   
fixitchris

 

Posts: 148
Joined: 23.May2007
Status: offline
Traceroute from internal Linux machine is failing at hop1.  Tracert from Winxp is failing at hop2, first hop is ISA.  FW logs are showing Denied unidentified IP traffic with error 0x800733f5. 

What is necessary to enable traceroute?

(ps. I did try a All Users rule for PING protocol but this did not help)
Post #: 1
RE: Allow traceroute/tracert - 23.Sep.2008 8:28:04 AM   
paulo.oliveira

 

Posts: 3472
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
Hi,

is your client pc configured with the ISA´s internal IP as gateway?

Create an access rule as you said and it worked fine for me.

Regards,
Paulo Oliveira.

(in reply to fixitchris)
Post #: 2
RE: Allow traceroute/tracert - 23.Sep.2008 9:12:25 AM   
fixitchris

 

Posts: 148
Joined: 23.May2007
Status: offline
Yes it is.  What was the rule you  created?

(in reply to paulo.oliveira)
Post #: 3
RE: Allow traceroute/tracert - 24.Sep.2008 7:30:24 AM   
paulo.oliveira

 

Posts: 3472
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
Hi,

it was this one:

Action: Allow
Protocols: PING
From: <my_computer>
To: External
Condition: All users

Regards,
Paulo Oliveira.

(in reply to fixitchris)
Post #: 4
RE: Allow traceroute/tracert - 25.Sep.2008 9:14:57 AM   
fixitchris

 

Posts: 148
Joined: 23.May2007
Status: offline
I tried that rule.  Still get Unidentified IP traffic being denied...

(in reply to paulo.oliveira)
Post #: 5
RE: Allow traceroute/tracert - 19.Oct.2008 7:19:15 AM   
justmee

 

Posts: 505
Joined: 14.May2007
Status: offline
I think on Linux, traceroute uses UDP
http://en.wikipedia.org/wiki/Traceroute

< Message edited by justmee -- 19.Oct.2008 7:24:30 AM >

(in reply to fixitchris)
Post #: 6
RE: Allow traceroute/tracert - 13.Nov.2008 7:55:35 AM   
wmowafi

 

Posts: 6
Joined: 11.Nov.2008
Status: offline
Dears;

Any way to allow traceroute for the firewall client,, I am not using NATsecure client..any suggestions?


Waleed;

(in reply to justmee)
Post #: 7

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> Access Policies >> Allow traceroute/tracert Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts