• Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

ISA 2000 Blocking Access

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2000 Firewall] >> General >> ISA 2000 Blocking Access Page: [1]
Message << Older Topic   Newer Topic >>
ISA 2000 Blocking Access - 18.May2004 4:45:00 PM   


Posts: 5
Joined: 15.Mar.2004
From: Chicago, IL
Status: offline
I'm kind of at my wits end on this issue, so please bear with me as I try to explain a problem that seems simple in nature, but has baffled me nonetheless.

My firm has SBS 2003 running with ISA 2000 acting as our firewall. After upgrading to SBS 2003, our firewall seems to have started a crackdown on blocking access through various ports and protocols.

I have read numerous articles, books, and references that detail SecureNAT and Firewall Client issues, but none seem to really tell me the difference between the two, why one works better than others, how to set one up, etc...but I digress.

Here are the issues I am having:
1) My users can access the internet without issue if they use a browser. MSN Messenger works fine, as well as AOL's AIM. Yahoo Messenger does not work at all. What are the differences? I don't know.

2) I attempted to block AIM by setting up a protocol definition and protocol rule, but AIM access still works.

3) I attempted to allow access to certain ports for a program called Bloomberg, but no matter what i have turned on, established protocol definitions for, etc it's all blocked.

4) I seriously have no clue what the purpose of the Firewall Client program is on my user's computers as they seem to have internet access regardless if it's enabled, disabled, or completely uninstalled.

Could someone please point me in the right direction or assist me with the obvious ISA Void that resides in my brain?
Post #: 1
RE: ISA 2000 Blocking Access - 19.May2004 3:06:00 PM   


Posts: 5
Joined: 15.Mar.2004
From: Chicago, IL
Status: offline

(in reply to wrburgess)
Post #: 2
RE: ISA 2000 Blocking Access - 20.May2004 6:39:00 PM   


Posts: 14
Joined: 7.Aug.2003
From: Hartford, CT
Status: offline
just because a client does not have the firewall client doesn't nessisarily mean that a client wouldn't be able to access the ISA firewall or points beyond. The firewall client is required by certain applications running through the ISA firewall and also can be used as null set filtering mechanism to only allow certian clients to access certina features. In most cases I don't employ the firewall client in my ISA environments.

As far as your selective blocking goes, Yahoo and AIM operate on different ports I believe, so there is the difference there. The blocking AIM and having it not work is a bit strange. In regard to allowig access to all apps, try to create an allow all rule (outbound only of course) and apply the rule to the client set which contains the clieny systems in question. Also ensure that you don't have any site and content rules that are conflciting with the protocol rules. Hope that helps some.

Thats our problem isn't it?...we don't take anything seriously....unless its on a harddrive.

(in reply to wrburgess)
Post #: 3
RE: ISA 2000 Blocking Access - 22.May2004 6:06:00 AM   


Posts: 2
Joined: 21.May2004
Status: offline
I dont know about your other Issue

But for your Item 4, check with ipconfig if your default gateway is configured, if yes remove the gateway.

This will force the packet to travel through your firewall client.

Also under internet options, disable the proxy.

From this point if your firewall client is not installed or disabled, the user should not be able to acces the internet.

Hope this help you a bit

(in reply to wrburgess)
Post #: 4

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2000 Firewall] >> General >> ISA 2000 Blocking Access Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts