Solved

How can I  Publish internal LDAP server through ISA 2006

Posted on 2007-03-28
6
1,419 Views
Last Modified: 2008-11-18
I have ISA 2006 protecting an internal network. I want to allow access to LDAP but it does not seem to be an option in the publishing wizard. Will an access rule do? My preference is though to publish it properly.
What is my besy option ?
0
Comment
Question by:andyc0n2005
  • 3
  • 2
6 Comments
 
LVL 5

Assisted Solution

by:drtoto82
drtoto82 earned 90 total points
ID: 18812860
mm I 'll suppose that I want to publish an active directory/  domain controller for users to authenticate through . So, I 'll make an access rule to enable these ports. Make sure of the source and destinations.
Tell me more if u still need any help ...
. DNS : 53 TCP/UDP
. Kerberos : 88 TCP/UDP
. LDAP : 389 TCP/UDP
. LDAP-SSL : 636 TCP/UDP (for PKI and Certificates)
. Global Catalog : 3268 TCP
. SMB : 445 TCP/UDP
. RPC : 135 TCP/UDP
. NetBios Server : 137 TCP/UDP (for downlevel clients)
. NetBios DataGram : 138 TCP/UDP (for downlevel clients)
. NTP : 123 TCP/UDP (Network time Protocol , for kerberos time synchronization)
0
 

Author Comment

by:andyc0n2005
ID: 18817489
Thanks for the offer.

I have created a new protocol definition called LDAP Server and for TCP 389 inbound. I then use this definition in a non web server publishing rule applying it to traffic hitting a specific address on my external interface and directing to specific inbound server?

Do you think that will work when I come to test it?
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 35 total points
ID: 18818078
The way you have published it is correct. ldap access will be forwarded ok but the bigger question will be 'Is this the only protocol required?' Without knowing the purpose of the access itis hard to tell.

open the ISA gui, select monitoring - logging - click on start query.
What do you see in the log when an access attempt is made to the ldap enquiry?
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 5

Assisted Solution

by:drtoto82
drtoto82 earned 90 total points
ID: 18820760
It should work . ...

U can also make sure if u have any rule above your LDAP rule that is "DENYING" the trafiic . That could be one forgotten or made before by mistake .
0
 
LVL 5

Assisted Solution

by:drtoto82
drtoto82 earned 90 total points
ID: 18820766
Test it . Let me know if u still need more help .
The port numbers I provided before are more than enough . Make sure u don't need to allow more ports that than the 389 port .
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 18852049
Thank you
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
Remote Apps is a feature in server 2008 which allows users to run applications off Remote Desktop Servers without having to log into them to run the applications.  The user can either have a desktop shortcut installed or go through the web portal to…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question