I did get the filetransfer to work by setting up a Protocol Rule that "allows all" from my internal network. (Allow all both ways). And i got voice working if the person on the outside (that was directly connected to the internet - dialup) initiated the chat. But if i try to initiate.. no go.
This all makes me wonder if the firewall client is configured right.. Or if it works with Windows XP at all...
Since there is a major lack of "sucsessful" posts around this topic.. i would actually assume that MS has got a problem here...
Do anyone have any good tips in configuring the Firewall Client? How to "know" what application name to put to append settings? I did a little test by using CuteFTP (ftp client), and no matter what i did put in the Firewall client.. It had no matter whatsoever.. (also tried the wspcfg.ini method described in the ISA help file)
Try this and let me know how it works. I use NetMeeting and the H.323 for voice and video, so I haven't had the need to monkey around with MSN mangler. Let me know if these work, and we'll make a big deal of it in the next newsletter.
Tom ====================== > MSN Messenger (All Features) > Primary Connection > Port Number Protocol Type Direction Info > 1863 TCP Outbound Main Chat Port > > > Secondary Connection > Port Range Protocol Type Direction Info > 6891-6900 TCP Inbound File Transfer Ports (Sending) > 6891-6900 TCP Outbound File Transfer Ports (Receiving) > > Special Notes: > You must have the Firewall Proxy Client Required > You must also go to the Firewall Client properties on the ISA Server: > Select "Application Settings" tab > You need to make one new entry on this tab: > App: msmsgs > Key: NameResolutionForLocalHost > Value: P > This step is just as important as the port numbers for file transfers to work. What this does it this: When MSN Messenger asks the computer it is running on "What is the IP address of this computer?" the system will give it the inside IP. Then when you try to send files to people, the remote client tries to connect to the IP of your inside network. Now we all know that this can never happen. So what you need to do is "fake out" MSN Messenger when it asks for the IP of the local computer. When you have this NameResolutionForLocalHost set, the Firewall Proxy client will give it the IP address of the external interface on the ISA server instead. Now when you try to send files to someone, they get the IP of the ISA server and since you have the secondary ports set up, it forwards the request to your MSN Messenger client and everything just works. :-) Dont forget to have your Firewall client update its settings after you do this so it gets the new information. > > To get the Phone dial capabilities to work in MSN Messenger, just make a rule and in that rule include the pre-made protocol definitions for Net2Phone. > > Steve >
Does not help. I must state that i use the firewall client, and Windows XP Pro. I have posted this before, but i will do it again :
Is the firewall Client 100% compatible with XP? I tried as an experemental thing to add an application setting for CuteFTP, that would resolv "NameResolutionForLocalHost=L" and thus FORCE it to resolve local IP adress, so that the PORT command would fuck up.. but it did not.. I also tried to set it up with a false proxy.. false remotebindtcp +++ anything, but NO settings whatsover would do anything.. (And i also tried the "wspcfg.ini" file described in the help file.. but no avail..)
Is there any information useful with examples for how to set up the darn Firewal Client?? The information in the help files are not "that" informative..
Please help me.. Driving me crazy.. moments away to revert back to RRAS.. That way i could direct map ports..