Solved

How can I  Publish internal LDAP server through ISA 2006

Posted on 2007-03-28
6
1,451 Views
Last Modified: 2008-11-18
I have ISA 2006 protecting an internal network. I want to allow access to LDAP but it does not seem to be an option in the publishing wizard. Will an access rule do? My preference is though to publish it properly.
What is my besy option ?
0
Comment
Question by:andyc0n2005
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 5

Assisted Solution

by:drtoto82
drtoto82 earned 90 total points
ID: 18812860
mm I 'll suppose that I want to publish an active directory/  domain controller for users to authenticate through . So, I 'll make an access rule to enable these ports. Make sure of the source and destinations.
Tell me more if u still need any help ...
. DNS : 53 TCP/UDP
. Kerberos : 88 TCP/UDP
. LDAP : 389 TCP/UDP
. LDAP-SSL : 636 TCP/UDP (for PKI and Certificates)
. Global Catalog : 3268 TCP
. SMB : 445 TCP/UDP
. RPC : 135 TCP/UDP
. NetBios Server : 137 TCP/UDP (for downlevel clients)
. NetBios DataGram : 138 TCP/UDP (for downlevel clients)
. NTP : 123 TCP/UDP (Network time Protocol , for kerberos time synchronization)
0
 

Author Comment

by:andyc0n2005
ID: 18817489
Thanks for the offer.

I have created a new protocol definition called LDAP Server and for TCP 389 inbound. I then use this definition in a non web server publishing rule applying it to traffic hitting a specific address on my external interface and directing to specific inbound server?

Do you think that will work when I come to test it?
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 35 total points
ID: 18818078
The way you have published it is correct. ldap access will be forwarded ok but the bigger question will be 'Is this the only protocol required?' Without knowing the purpose of the access itis hard to tell.

open the ISA gui, select monitoring - logging - click on start query.
What do you see in the log when an access attempt is made to the ldap enquiry?
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 5

Assisted Solution

by:drtoto82
drtoto82 earned 90 total points
ID: 18820760
It should work . ...

U can also make sure if u have any rule above your LDAP rule that is "DENYING" the trafiic . That could be one forgotten or made before by mistake .
0
 
LVL 5

Assisted Solution

by:drtoto82
drtoto82 earned 90 total points
ID: 18820766
Test it . Let me know if u still need more help .
The port numbers I provided before are more than enough . Make sure u don't need to allow more ports that than the 389 port .
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 18852049
Thank you
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip Migration Tip #1 – Source Server Health can be found here: http://www.experts-exchang…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…
Suggested Courses

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question