• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

How to Disable securenat in ISA 2004

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> SecureNAT Client >> How to Disable securenat in ISA 2004 Page: [1]
Login
Message << Older Topic   Newer Topic >>
How to Disable securenat in ISA 2004 - 10.Aug.2005 1:32:00 PM   
xlover

 

Posts: 4
Joined: 28.Jun.2002
Status: offline
i am runing isa server 2004 with 300+ clients. My network is a nightmare. i still dont have permission to deploy ADS, every one has static ip's, network is full of virus like blaster. we have norton corporate 9 deployed and updated but its not that good. my problem is Internal DDOS attacks on isa server. if i block port 135 and 445 my server and network chokes, i continusly see 100 secure nat client, which never disconnects. is there any way we can disable securenat in isa2004, i think that may solve some of my problems, any other sujestion
Post #: 1
RE: How to Disable securenat in ISA 2004 - 15.Aug.2005 7:40:00 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi X,

You can require authentication for all rules. That stops all SecureNAT connections.

Also, make sure to use least privilege. That is the best s4curity policy.

HTH,
Tom

(in reply to xlover)
Post #: 2
RE: How to Disable securenat in ISA 2004 - 17.Aug.2005 12:11:00 AM   
xlover

 

Posts: 4
Joined: 28.Jun.2002
Status: offline
dera sir
thank you! i was able to restrict securenat. the speed of net has improved,

thanks

(in reply to xlover)
Post #: 3
RE: How to Disable securenat in ISA 2004 - 3.Sep.2005 2:33:00 AM   
mrdotcom

 

Posts: 15
Joined: 20.Feb.2003
From: Karachi
Status: offline
hello, sir i m new to ISA 2004, i dont have Domain Controller, not any dns simple ISA server, i want to disable SecureNAT plz tell me step by step wht shud i do

(in reply to xlover)
Post #: 4
RE: How to Disable securenat in ISA 2004 - 4.Sep.2005 1:08:00 PM   
Rickymag

 

Posts: 509
Joined: 26.Nov.2003
From: SA
Status: offline
Disable SecureNat...

remove the internal ISA IP from the gateway IP section of your client and SecureNAT is remoced.

RM

(in reply to xlover)
Post #: 5
RE: How to Disable securenat in ISA 2004 - 6.Sep.2005 3:55:00 AM   
kalwar

 

Posts: 102
Joined: 10.Oct.2003
From: pakistan
Status: offline
is there any other solution to block a securenat client without having a part of domain because it is very difficult to go at each client and remove its gateway ip.
thanks
kalwar

(in reply to xlover)
Post #: 6
RE: How to Disable securenat in ISA 2004 - 16.Sep.2005 3:58:00 PM   
AbqBill

 

Posts: 478
Joined: 3.Jun.2003
From: Albuquerque NM USA
Status: offline
To prevent users from using your ISA Server as a default gateway, simply remove any anonymous access rules.

Bill

(in reply to xlover)
Post #: 7
RE: How to Disable securenat in ISA 2004 - 17.Sep.2005 7:29:00 AM   
kalwar

 

Posts: 102
Joined: 10.Oct.2003
From: pakistan
Status: offline
thanks for reply,
if you remove anonymous access rules, then how will access firewall and web proxy clients.
thanks kalwar

(in reply to xlover)
Post #: 8
RE: How to Disable securenat in ISA 2004 - 17.Sep.2005 3:32:00 PM   
AbqBill

 

Posts: 478
Joined: 3.Jun.2003
From: Albuquerque NM USA
Status: offline
Hi kalwar,

Firewall and web proxy clients can pass user credentials to the ISA firewall. One of the purposes of having an ISA server is to provide just this sort of authentication.

Bill

(in reply to xlover)
Post #: 9
RE: How to Disable securenat in ISA 2004 - 19.Sep.2005 4:36:00 PM   
Rickymag

 

Posts: 509
Joined: 26.Nov.2003
From: SA
Status: offline
Hello Bill,

absolutely both the firewall and web proxy clients function in this way and secure NAT clients are "reserved" for non MS clients and published hosts.

hope this sheds some light.

RM

(in reply to xlover)
Post #: 10
RE: How to Disable securenat in ISA 2004 - 20.Sep.2005 10:32:00 AM   
AbqBill

 

Posts: 478
Joined: 3.Jun.2003
From: Albuquerque NM USA
Status: offline
Hi Ricky,

That's more or less what I was going to say next.

Thanks!

Bill

(in reply to xlover)
Post #: 11
RE: How to Disable securenat in ISA 2004 - 22.Sep.2005 3:35:00 PM   
Rickymag

 

Posts: 509
Joined: 26.Nov.2003
From: SA
Status: offline
Good work Bill thanks

RM

(in reply to xlover)
Post #: 12
RE: How to Disable securenat in ISA 2004 - 22.Sep.2005 4:16:00 PM   
LLigetfa

 

Posts: 2187
Joined: 10.Aug.2004
From: fort frances.on.ca
Status: offline
Kalwar said "is there any other solution to block a securenat client without having a part of domain" and I surmise that he is looking to do it without requiring authentication.

(in reply to xlover)
Post #: 13
RE: How to Disable securenat in ISA 2004 - 2.Aug.2009 12:25:22 AM   
DEVLAVI

 

Posts: 115
Joined: 16.Jul.2009
From: Bangalore, India
Status: offline
To disable SecureNAT, in ISA server console expand Server-> Configuration ->
Networks. under Networks tab double click Internal to bring up the Internal Properties, navigate to Web Proxy tab click Authentication under Configure allowed authentication methods, click to check mark Require all users to authenticate check box & close all windows

Note that requiring all users to authenticate may block traffic to sites, such as Windows Updates, that do not support user authentication. To ensure that you do not unintentionally block traffic to such sites, I recommend enforcing user authentication on firewall policy access rules and publishing rules, instead of selecting this check box.
                                                       or
You could also remove the default gateway on the client systems to achieve your objective

I know that this thread was started way back in 2005, i was browsing the forum and thought may be i could help

Correct me if am wrong

DEV

(in reply to LLigetfa)
Post #: 14

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> SecureNAT Client >> How to Disable securenat in ISA 2004 Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts