[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now


Microsoft SNA Server Client & ISA 2004

Posted on 2006-05-23
Medium Priority
Last Modified: 2013-11-16
Hi All,

Has anyone has ever worked on the scenario that the clients are connecting using SNA Ciient for windows 95 while creating a VPN Tunnel through ISA 2004, cuz i have this scnario and i cannot get the users connect the SNA Client but they are successfully log in and establish the VPN Tunnel.

any help would be great , thanks is advance.
Question by:lomaree
  • 2
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16744793
I'll be honest, the answer is no (not worked with SNA at all)  but happy to try and work it with you if you want. I'll need a fair bit of detail please. Starting with the output of the log file (open the GUI, select monitoring - logging - click on start query, try and make the connection from a client and view the log)



Author Comment

ID: 16749526      SNABASE.EXE:3:5.1 MUSTANG      -TCP      -1510      0      0      0      0x800733f5 0x0 0x0      Firewall      5/24/2006 11:29:39 AM      1478      Unidentified IP Traffic      Denied Connection      callcenter7        Internal      External      -      -

The VPN application is from Check Point called VPN-1 SecuRemote and the comes the SNA Client which they connects to this IP Address.
LVL 51

Accepted Solution

Keith Alabaster earned 1200 total points
ID: 16754454
looks like you are blocking the SNA port (1478). This protocol is not in the default ISA protocol set and will need to be added.

Highlight the firewall policy in the gui.
On the right-hand side, select the Toolbox tab and then protocols
Click on new and create a protocol for SNA on outbound (if internal to external) or inbound (external to internal) for tcp port 1478.

Add this new protocol to the outgoing rule.
Save the policy.

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
As many of you are aware about Scanpst.exe utility which is owned by Microsoft itself to repair inaccessible or damaged PST files, but the question is do you really think Scanpst.exe is capable to repair all sorts of PST related corruption issues?
Suggested Courses
Course of the Month19 days, 22 hours left to enroll

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question