Announcement

Collapse
No announcement yet.

ISA 2004 server and firewall policies

Collapse
This topic is closed.
X
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • ISA 2004 server and firewall policies

    Hi,

    I thought i sent this this morning but i am not seeing it on the bulletin so i will post again.

    I installed ISA 2004 server on my network but i am faced with the following issues.

    1. Currently i have only one policy on and i am meant to have 3.

    The 3 should be

    1. Unrestricted

    2. Restricted

    3. Only POP3 access.

    When i enable the 3 policies to the various user sets the whole thing malfunctions unless i allow one policy with (ALL USERS) been the selected user set.

    I do not know why it misbehaves.

    I have ISA server 2004 service pack 2 also installed.

    One of the major problems it gives to me is that after 20 mins of been on it asks whoever need internet facilities to confirm authentication.

    Please advice.

    IRE

  • #2
    Re: ISA 2004 server and firewall policies

    Are you sure you applied the new Firewall policies you created?
    1 1 was a racehorse.
    2 2 was 1 2.
    1 1 1 1 race 1 day,
    2 2 1 1 2

    Comment


    • #3
      Re: ISA 2004 server and firewall policies

      Yes the policies are applied whenever a change is made .: It prompts you.

      Comment


      • #4
        Re: ISA 2004 server and firewall policies

        I have not gotten any response in two days concerning this.

        IRE

        Comment


        • #5
          Re: ISA 2004 server and firewall policies

          Do a screen shot of your Firewall Policy and post it here. Make sure you save it as a JPG and NOT a BMP.
          1 1 was a racehorse.
          2 2 was 1 2.
          1 1 1 1 race 1 day,
          2 2 1 1 2

          Comment


          • #6
            Re: ISA 2004 server and firewall policies

            How do i do a screen shot ?

            Comment


            • #7
              Re: ISA 2004 server and firewall policies

              How do i do a screen shot ?
              Full Screen Shot: Press PRINT SCRN key

              Active Window Shot: Press ALT + PRINT SCRN keys together

              Either way, paste (use CTRL + V) into your favourite Word Processor or graphics package and the screen should show up.

              The PRINT SCRN key is usually (on a full size keyboard) located immediately to the right of the function keys (F1-F12). Laptops / Mini Keyboards will be different

              Tom
              Tom Jones
              MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
              PhD, MSc, FIAP, MIITT
              IT Trainer / Consultant
              Ossian Ltd
              Scotland

              ** Remember to give credit where credit is due and leave reputation points where appropriate **

              Comment


              • #8
                Re: ISA 2004 server and firewall policies

                Originally posted by Ossian
                The PRINT SCRN key is usually (on a full size keyboard) located immediately to the right of the function keys (F1-F12).
                Server 2000 MCP
                Development: ASP, ASP.Net, PHP, VB, VB.Net, MySQL, MSSQL - Check out my blog http://tonyyeb.blogspot.com

                ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

                Comment


                • #9
                  Re: ISA 2004 server and firewall policies

                  Or, you can use Google to search the following phrase. how to take a screenshot

                  Please remember to save them as a JPG so they take up less space if you upload them.

                  How to add attachments to your post.

                  Loking forward to your screenshot. Also please do not add multiple shot and add them to the same file. Thanks.
                  1 1 was a racehorse.
                  2 2 was 1 2.
                  1 1 1 1 race 1 day,
                  2 2 1 1 2

                  Comment


                  • #10
                    Re: ISA 2004 server and firewall policies

                    if you doesn't know how to make a screenshot is maybe a better idea to hire a specialist to configure isa for you

                    Be carefull what you're doing on a firewall It's you're entrance from the internet.
                    Problably, you're bosses want to keep their data safe
                    Marcel
                    Technical Consultant
                    Netherlands
                    http://www.phetios.com
                    http://blog.nessus.nl

                    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                    "No matter how secure, there is always the human factor."

                    "Enjoy life today, tomorrow may never come."
                    "If you're going through hell, keep going. ~Winston Churchill"

                    Comment


                    • #11
                      Re: ISA 2004 server and firewall policies

                      dumber should try to be polite.

                      Thanks guys for your contributions, i will send the snapshots later what i have in the clipboard file is to big it is not allowing me to save as jpeg.

                      Comment


                      • #12
                        Re: ISA 2004 server and firewall policies

                        Sorry if i didn't look very polite, but taking a printscreen is quit basic.

                        Back on topic:

                        You can also write down you're policy (basically and not fully)
                        Make sure you set te most restrictive first.

                        I'm not sure of you really mean policy, or meaning rules into the rulebase. maybe you can clarify it.
                        Marcel
                        Technical Consultant
                        Netherlands
                        http://www.phetios.com
                        http://blog.nessus.nl

                        MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                        "No matter how secure, there is always the human factor."

                        "Enjoy life today, tomorrow may never come."
                        "If you're going through hell, keep going. ~Winston Churchill"

                        Comment


                        • #13
                          Re: ISA 2004 server and firewall policies

                          Originally posted by ire
                          dumber should try to be polite.
                          IMHO Nothing impolite was said -- Dumber offered you some valuable advice.
                          If you are getting to grips with a new product (which you are) that can have a major impact on your network (which ISA Server does) and will seriously upset your users (which is happening according to your first post in this thread), it is a very good idea to get some expert advice. If you are at all unsure of your own skills, this is even more important.

                          While we can, and have, helped you to the best of our ability, this is not the same as having a paid consultant work on your network setting things up the way you need them. All our advice is:
                          (a) based on our very limited understanding of what your setup actually us
                          (b) general rather than specialist in form
                          (c) without any warranty of its effectiveness

                          I do not think any of the moderators or more senior members here would take offence at a suggestion to call in a specialist. We have enough specialist expertise ourselves to understand that "a little knowledge is a dangerous thing" and to not get out of our depths. Also we have learnt, from bitter experience, to use a test network to try things out before rolling them out to our users.

                          From your posts on this subject, you had problems with ISA 2000 and then upgraded to ISA 2004 in a very short time-frame. You are now hitting problems as a result of that, IMHO hasty, decision to upgrade.

                          Please dont take any of this as anything personal, purely some advice from someone who has been in your shoes in the past and learnt his way out of them!

                          Tom
                          Tom Jones
                          MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
                          PhD, MSc, FIAP, MIITT
                          IT Trainer / Consultant
                          Ossian Ltd
                          Scotland

                          ** Remember to give credit where credit is due and leave reputation points where appropriate **

                          Comment


                          • #14
                            Re: ISA 2004 server and firewall policies

                            I have installed ISA 2000 before on a live network and have set it up using schedules for 5 different groups and i did not have this issue.
                            I have also setup ISA 2004 but with only one firewall policy.
                            The only reason i moved back t 2004 was because i was having this same problem with my network and i felt moving back would not solve the problem.

                            I have snapshots of the ISA firewall policies and other columns and would post the first set now and post the rest in batches so you can make your comments and ask whatever questions are deemed necessary.
                            Thank you for your honest comments
                            Last edited by danielp; 8th August 2006, 13:35.

                            Comment


                            • #15
                              Re: ISA 2004 server and firewall policies

                              This is the second set i said i wd send
                              The next policy will come on the next posts
                              Last edited by danielp; 8th August 2006, 13:35.

                              Comment

                              Working...
                              X