• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Need possible bug confirmed!

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> Access Policies >> Need possible bug confirmed! Page: [1]
Login
Message << Older Topic   Newer Topic >>
Need possible bug confirmed! - 17.Jan.2005 6:01:00 PM   
Zapata

 

Posts: 28
Joined: 25.May2003
Status: offline
It would seem that ISA 2004 is not blocking external IP's after a deny rule is set for that/thoose IPs.

Example:
Deny, All Outbound traffic, from/listner (with a computer set containing the unwanted IP's), to Internal, Localhost (also tried ComputerSet anywhere)

After attending the Implementing ISA 2004 course the teacher confirmed that my setup was correct, he could also reproduce the problem.

Looking forward to any reply on this matter.
Post #: 1
RE: Need possible bug confirmed! - 17.Jan.2005 6:19:00 PM   
AbqBill

 

Posts: 478
Joined: 3.Jun.2003
From: Albuquerque NM USA
Status: offline
Hi Zapata,

It works for me here. Perhaps you should post your rules list and a sample of your log file that shows the traffic being allowed.

Bill

(in reply to Zapata)
Post #: 2
RE: Need possible bug confirmed! - 17.Jan.2005 10:47:00 PM   
Zapata

 

Posts: 28
Joined: 25.May2003
Status: offline
I'ts the No1 Rule with:
Deny, All Outbound traffic, all protocols.
From/listner (with a computer set containing the unwanted IP's)
To Internal, Localhost

This rule isn't getting processed and there is no evidence that this rule is being triggerd in the logs.

The Blocked ip however gets a seesion further down the ACL, for exanple HTTP publishing.

EDIT: Explanations

[ January 17, 2005, 10:49 PM: Message edited by: Zapata ]

(in reply to Zapata)
Post #: 3
RE: Need possible bug confirmed! - 19.Jan.2005 2:17:00 PM   
penrose.l@2college.nl

 

Posts: 474
Joined: 29.Jan.2004
From: Netherlands
Status: offline
export the rule to .xml and post it here.

(in reply to Zapata)
Post #: 4
RE: Need possible bug confirmed! - 25.Jan.2005 5:20:00 PM   
dinodod

 

Posts: 100
Joined: 1.Oct.2004
Status: offline
It may just be me but are these IP's initiating the connection or are these IP's that your clients are accessing?

If your clients are the ones accessing them, then your rules are reversed. You will need to block your clients from accessing the unwanted IPs, not have the IPs being blocked from accessing the Clients.

(in reply to Zapata)
Post #: 5
RE: Need possible bug confirmed! - 25.Apr.2005 7:59:00 PM   
Zapata

 

Posts: 28
Joined: 25.May2003
Status: offline
quote:
Originally posted by dinodod:
It may just be me but are these IP's initiating the connection or are these IP's that your clients are accessing?

If your clients are the ones accessing them, then your rules are reversed. You will need to block your clients from accessing the unwanted IPs, not have the IPs being blocked from accessing the Clients.

Tried it both ways, ISA 2004 does not block to a server when you have the server publish rule beneath it, go figure!

Sorry for the delay in reply but notifications doesn't work for me.

/Z

(in reply to Zapata)
Post #: 6

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> Access Policies >> Need possible bug confirmed! Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts