• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

ISA Server denies all connections from internal to localhost

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> Access Policies >> ISA Server denies all connections from internal to localhost Page: [1]
Login
Message << Older Topic   Newer Topic >>
ISA Server denies all connections from internal to loca... - 16.Feb.2011 7:38:22 AM   
Lono9885

 

Posts: 5
Joined: 16.Feb.2011
Status: offline
Hi Guys,

Wonder if you can help. A little history.

Our internal Network sits behind a Cisco ASA firewall, on the other side off one of the interfaces is our DMZ. On the DMZ sits our ISA server with a backup internet connection. Users can surf via this backup connection using the proxy address and port 8080 in their browsers. (the other firewall interface has our WAN/Internet Connection).

This all works fine but the ISA server only sees the address of the firewall making all outbound connections. What we want is a situation where the ISA can see the source addresses of machines within the network making the initial request. SO.. we spoke to the firewall management who implemented a rule on the firewall for NAT exemption. Therefore source addresses were presented to the ISA server directly across the firewall.

However as soon as this is implemented, no one can go surfing and the ISA server seems to block all attempted connections!!

The Log shows destination IP as the ISA servers IP, the port as 8080, the protocol as 'Unidentified IP Traffic', the action as 'Denied Connection' and the source address, which in this instance is my PCs IP address. Destination Network is Local Host and Source Network is Internal.

I've tried everything in my power to get this working and can't fathom out what is happening. I've even tried removing all the rules bar the explicit outbound and the default deny all. It still doesn't work.

Any ideas what could be causing this please! It's so frustrating.

Incidentally...whilst none of the internal network clients can go out the ISA server is surfing happily. It can't be the firewall policy surely because when there is NO NAT exemption rule...the firewalls IP can happily access the ISA server and go out the door.

Cheers
Adam
Post #: 1

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> Access Policies >> ISA Server denies all connections from internal to localhost Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts