Sir/Ma'am, can anyone help me with my problem? I have installed ISA 2006 and I am new to its access rules. My problem is that I want to make my torrent program work for downloading important files. Please, can anyone help me configure my rules in a simple manner? Thanks in advance.
I'm using BitComet, sir, and its listening port is 25998. I just want to ask for the right steps to configure the ISA server to make my BitComet work.
Personally, I think that BitTorrent shouldn't be allowed on a corporate network.
However, you should use server publishing rules to allow incoming traffic. For outgoing traffic you should specify the ports you need.
< Message edited by Dumber -- 16.Mar.2009 4:59:26 AM >
_____________________________
Marcel Netherlands
MCTS, MCITP (SA,EA) MCP, MCSA:Security, MCSE:Security, CCNA, CCSA, CCSE, CCSE+ No matter how secure, there is always the human factor. http://www.phetios.com/
That's indeed what I meant. In my experience this is usually what it's used for. However, I also know that some Linux distros are distributed via torrents.
_____________________________
Marcel Netherlands
MCTS, MCITP (SA,EA) MCP, MCSA:Security, MCSE:Security, CCNA, CCSA, CCSE, CCSE+ No matter how secure, there is always the human factor. http://www.phetios.com/
Typically, when you open the .torrent file in your BitTorrent client, the client will connect to the tracker to download a list of peers (seeds and leechers). The client will issue an HTTP GET request to the port the tracker is listening on. For example, if I want to download Vyatta using BitTorrent, their tracker uses 6969 if I remember correctly.
If you configure your BitTorrent client to use ISA as a proxy, likely you are going to nail it, as after the client downloads the list of peers, the client will issue CONNECT requests to the remote peers on the ports on which they listen, typically higher TCP ports. ISA only allows such requests to port 443 (per draft).
Also, in your BitTorrent client you can configure a port for incoming connections. If you want to allow this, you need to forward this port to your machine (using server publishing rules), TCP and UDP (if you want to use DHT).
As an outbound rule, your best bet is to create an allow-all access rule for your BitTorrent client machine, as it's hard to know in advance what ports the remote peers use (as said before, higher TCP and UDP (if DHT is used) ports). Once you figure out how things work, you may "restrict" this rule (likely a big number of ports would still be needed).
It would be a good idea to isolate this machine on an ISA network. I'm not saying you are downloading warez, just this machine would be allowed to connect quite unrestricted to the Internet, so it would be good to isolate it.
If you want to download the .torrent file from a web server, make sure, in case you configured some allowed content types, that application/x-bittorrent is allowed.
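To see which internal hosts generate the traffic described in this answer (tracker announces over HTTP GET, CONNECT requests to ports other than 443, .torrent downloads), the following added example, which is not from the thread, tallies those requests per client from proxy log lines. The log layout, addresses, host names and label names are constructed for illustration and are not ISA Server's own log format.

```python
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Constructed sample in a simplified layout (client, method, target, status); not ISA's real log format.
SAMPLE_LOG = """\
10.0.0.23 GET http://tracker.example.org:6969/announce?info_hash=%12%34&peer_id=-BC0001-abc&port=25998&left=0 200
10.0.0.23 CONNECT 198.51.100.7:51413 502
10.0.0.23 CONNECT 203.0.113.9:6881 502
10.0.0.40 CONNECT mail.example.com:443 200
10.0.0.40 GET http://www.example.com/index.html 200
10.0.0.51 GET http://files.example.net/distro.iso.torrent 200
"""

TUNNEL_PORTS = {443}  # per the post: CONNECT is only allowed to port 443


def classify(method, target):
    """Return a label for BitTorrent-related proxy requests, else None."""
    if method == "CONNECT":
        port = target.rpartition(":")[2]
        if port.isdigit() and int(port) not in TUNNEL_PORTS:
            return "connect-non-ssl-port"
    elif method == "GET":
        url = urlsplit(target)
        params = parse_qs(url.query)
        # An HTTP tracker announce carries info_hash and peer_id in the query.
        if "info_hash" in params and "peer_id" in params:
            return "tracker-announce"
        if url.path.lower().endswith(".torrent"):
            return "torrent-file"
    return None


def summarize(log_text):
    """Count labelled requests per client IP."""
    hits = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines
        client, method, target, _status = parts
        label = classify(method, target)
        if label:
            hits[client][label] += 1
    return {c: dict(v) for c, v in hits.items()}


if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```

A host that shows both a tracker announce and a burst of CONNECT requests to high ports is the one to move onto an isolated network or to scope the allow rule to.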
Right-click Protocol Definitions and enter a name for the protocol definition, then enter the port and protocol information.
The protocol definitions you create are then used with the protocol rules to allow or deny clients using these protocols. To verify that your protocol rule is set to allow the new definition, display the properties of your protocol rule, click the Protocol tab and verify that the rule applies to "all IP traffic". All IP traffic is defined as all the protocols you've defined under Policy Elements, Protocol Definitions.
Set a static inbound port in your BitTorrent client, for instance 321.
Then create a new Allow from Internal to External firewall rule on the TMG server, with a new protocol definition as follows:
TCP 1024-65535 Out
UDP 1024-65535 Send Receive
TCP 321 Out
UDP 321 Send Receive
Secondary Connection
TCP 321 In
UDP 321 Receive
I strongly suggest you restrict this to a specific internal host for security!
Change 321 to whatever static inbound port you use.
This is tested and working with TMG SP2 hotfix 1.
However, the TMG control service does seem to crash occasionally, which then shuts down the firewall service, if you allow a high number of BitTorrent connections.
< Message edited by richto -- 5.Feb.2012 8:42:06 PM >