Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
need to enable IP routing
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
need to enable IP routing - 5.Feb.2004 8:40:00 PM
|
|
|
eots
Posts: 32
Joined: 5.Feb.2004
Status: offline
|
Where did MS hide the "Enable IP Routing" option that used to be available under Access Policies/IP Packet Filters in ISA2000?
I want to allow firewall clients behind ISA2004 to ping and traceroute remote addresses, but changing the network rule from NAT to Route doesn't work.
|
|
|
|
|
RE: need to enable IP routing - 6.Feb.2004 12:27:00 AM
|
|
|
tshinder
Posts: 47439
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Eots,
You still need to make clients SecureNAT clients to use non-TCP/UDP protocols, because the Firewall client software only intercepts Winsock TCP and UDP requests.
HTH,
Tom
|
|
|
|
|
RE: need to enable IP routing - 6.Feb.2004 5:12:00 AM
|
|
|
Guest
|
ISA Server -> Configuration -> General -> Define IP Preferences -> IP Routing
|
|
|
|
|
RE: need to enable IP routing - 6.Feb.2004 5:41:00 AM
|
|
|
tshinder
Posts: 47439
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Dmitry,
Changing that value will not enable machines that are not enabled as SecureNAT clients, and only as Firewall clients, to use ICMP. The firewall client only handles Winsock TCP and UDP apps.
Thanks!
Tom
|
|
|
|
|
RE: need to enable IP routing - 6.Feb.2004 2:57:00 PM
|
|
|
eots
Posts: 32
Joined: 5.Feb.2004
Status: offline
|
Actually I had to change my ISA 2004 firewall policy to UNRESTRICED. I have 2 firewalls and I had no problem performing traceroutes through my ISA 2000 server. After changing the firewall policy I can now traceroute and ping remote addresses.
|
|
|
|
|
RE: need to enable IP routing - 6.Feb.2004 3:40:00 PM
|
|
|
tshinder
Posts: 47439
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Eots,
You can create a firewall policy that allows outbound ICMP echo request and inbound ICMP echo reply, that would be much more secure.
HTH,
Tom
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
