ISA Ping??

  Hi everyone,

  I've recently installed an ISA 2000 Server on a Small Business 2000 Server (Windows 2000 SP4/AD/Exchange/ISA in one server). I have 2 NICs in the server; the "external" NIC is directly connected to an ADSL modem and has a defined IP.

  The local clients can ping the "internal" interface, but I can't ping the external interface on the server from another computer on the internet, e.g. my own machine at my home. I can port scan the server, but my scanner says it's a "ping dead" server, and once in a while it detects port 80, even if I haven't published a web server :-| When ISA wasn't installed I could easily ping the server, even port scan the server (don't worry, it's experimental, and it's my own server).

  Almost all outgoing traffic is blocked. My Exchange POP3 connector can't retrieve mail, and my SMTP connector can send mail. My Real Player can't stream anymore. And my Symantec antivirus and Sybari Antigen can update their virus definitions and scanners.

  What am I doing wrong?

Looks like your ISA Server is blocking ICMP traffic on the external interface.
If you want to ping the server from outside you have to allow ICMP traffic. I think the default in ISA Server is to block ICMP.
cheers, jochen.
If I may note something here:
I think it is a good idea for you to keep the ICMP traffic closed, because keeping it open will enable an attacker to study your network and react in a way which may be harmful.

I also think, as _Jochen_ does, that the ICMP traffic is blocked. And the ISA Server is supposed to do that...

Do you need a walkthrough on how to open the ports?

Shaohs (Author) commented:
If you have one, I would be delighted. :-)

Your wish is my command;

Now, where is that lamp?

Shaohs (Author) commented:
My second wish will be:

  What should I do about Real Player? I've opened 1090 but it still won't stream.

Third wish:

  When you open a UDP port, I get a lot more choices in the traffic direction than with TCP. TCP only has Inbound, Outbound and Both. UDP has 5 options. What's the difference between these 5 options, and is it important to any "normal" applications that they should be opened?
Ron Malmstead (Information Services Manager) commented:
Block rules take precedence over allow rules... If you do not have an "allow all traffic", "any protocol", on "any interface" rule, then you have no access at all to any external destinations (your public IP is external). These rules are created by default; make sure you didn't delete them.
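
The two points raised in this thread, that ISA drops external ICMP unless explicitly allowed and that a block rule wins over any allow rule so a missing "allow" means no access at all, can be modelled in a few lines. The following is an added illustration, not code from the thread or from ISA Server, and it is a deliberately simplified model of packet-filter evaluation (interface, direction, protocol, port, ICMP type); the `Packet`, `Rule` and `evaluate` names are this example's own, and the five ISA UDP direction options are not modelled.

```python
from dataclasses import dataclass
from typing import List, Optional

ANY = "*"  # wildcard used in rule fields


@dataclass(frozen=True)
class Packet:
    """A packet as seen by the filter (constructed, simplified)."""
    interface: str            # "external" or "internal"
    direction: str            # "inbound" or "outbound"
    protocol: str             # "tcp", "udp" or "icmp"
    port: Optional[int]       # destination port for tcp/udp, None for icmp
    icmp_type: Optional[int] = None  # 8 = echo request ("ping")


@dataclass(frozen=True)
class Rule:
    """A packet-filter rule; any field left as ANY matches everything."""
    action: str               # "allow" or "block"
    interface: str = ANY
    direction: str = ANY
    protocol: str = ANY
    port: object = ANY        # int or ANY
    icmp_type: object = ANY   # int or ANY

    def matches(self, p: Packet) -> bool:
        pairs = (
            (self.interface, p.interface),
            (self.direction, p.direction),
            (self.protocol, p.protocol),
            (self.port, p.port),
            (self.icmp_type, p.icmp_type),
        )
        return all(want in (ANY, got) for want, got in pairs)


def evaluate(rules: List[Rule], packet: Packet) -> str:
    """Block beats allow; with no matching allow the packet is dropped (default deny)."""
    matching = [r for r in rules if r.matches(packet)]
    if any(r.action == "block" for r in matching):
        return "block"
    if any(r.action == "allow" for r in matching):
        return "allow"
    return "block"  # implicit default deny, as described in the thread


def thread_ruleset() -> List[Rule]:
    """Constructed rule set mirroring what the author ended up with."""
    return [
        Rule("allow", interface="external", direction="outbound", protocol="tcp", port=110),
        Rule("allow", interface="external", direction="outbound", protocol="tcp", port=25),
        Rule("block", interface="external", direction="inbound", protocol="tcp", port=80),
    ]


def demo() -> dict:
    rules = thread_ruleset()
    ping = Packet("external", "inbound", "icmp", None, icmp_type=8)
    results = {
        # no rule allows ICMP, so the external interface looks "ping dead"
        "ping_external": evaluate(rules, ping),
        # explicitly allowed outbound POP3
        "pop3_out": evaluate(rules, Packet("external", "outbound", "tcp", 110)),
        # explicitly blocked inbound HTTP
        "http_in": evaluate(rules, Packet("external", "inbound", "tcp", 80)),
        # no allow rule for this port, so default deny applies
        "realplayer_out": evaluate(rules, Packet("external", "outbound", "tcp", 1090)),
    }
    # Adding a broad "allow everything" rule opens ICMP, but the explicit
    # block on inbound port 80 still wins: block rules take precedence.
    permissive = rules + [Rule("allow")]
    results["http_in_with_allow_all"] = evaluate(permissive, Packet("external", "inbound", "tcp", 80))
    results["ping_with_allow_all"] = evaluate(permissive, ping)
    return results


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:26s} -> {verdict}")
```

Running it shows the two behaviours side by side: without an allow rule even harmless outbound traffic (the RealPlayer port) is dropped, and adding an allow-all rule does not reopen inbound port 80 because the block rule still matches.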


I think the subject has been covered (that is, unless things are not working properly for you).
Now, where is my lamp?

Shaohs (Author) commented:
I think I got it now. I just had to set the "BackOffice Internet Access Protocol Rule" and the "BackOffice Internet Access Site and Content Rule" source to a client set with all the local IPs in it. Now everyone can stream, and everything.

I created a rule in the packet filtering that allowed outgoing TCP 110 POP3 and outgoing TCP 25 SMTP. That did the trick for the mail.
I also added a packet filter that denies incoming port 80. I noticed in a port scan that it was open for no reason. I certainly didn't ask it to open port 80.

Pretty simple, once you get the hang of it.

Thanks for the answers. :)