How can I Publish internal LDAP server through ISA 2006

I have ISA 2006 protecting an internal network. I want to allow access to LDAP but it does not seem to be an option in the publishing wizard. Will an access rule do? My preference is though to publish it properly.
What is my besy option ?
andyc0n2005Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

drtoto82Commented:
mm I 'll suppose that I want to publish an active directory/  domain controller for users to authenticate through . So, I 'll make an access rule to enable these ports. Make sure of the source and destinations.
Tell me more if u still need any help ...
. DNS : 53 TCP/UDP
. Kerberos : 88 TCP/UDP
. LDAP : 389 TCP/UDP
. LDAP-SSL : 636 TCP/UDP (for PKI and Certificates)
. Global Catalog : 3268 TCP
. SMB : 445 TCP/UDP
. RPC : 135 TCP/UDP
. NetBios Server : 137 TCP/UDP (for downlevel clients)
. NetBios DataGram : 138 TCP/UDP (for downlevel clients)
. NTP : 123 TCP/UDP (Network time Protocol , for kerberos time synchronization)
0
andyc0n2005Author Commented:
Thanks for the offer.

I have created a new protocol definition called LDAP Server and for TCP 389 inbound. I then use this definition in a non web server publishing rule applying it to traffic hitting a specific address on my external interface and directing to specific inbound server?

Do you think that will work when I come to test it?
0
Keith AlabasterEnterprise ArchitectCommented:
The way you have published it is correct. ldap access will be forwarded ok but the bigger question will be 'Is this the only protocol required?' Without knowing the purpose of the access itis hard to tell.

open the ISA gui, select monitoring - logging - click on start query.
What do you see in the log when an access attempt is made to the ldap enquiry?
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
The Ultimate Tool Kit for Technolgy Solution Provi

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more!

drtoto82Commented:
It should work . ...

U can also make sure if u have any rule above your LDAP rule that is "DENYING" the trafiic . That could be one forgotten or made before by mistake .
0
drtoto82Commented:
Test it . Let me know if u still need more help .
The port numbers I provided before are more than enough . Make sure u don't need to allow more ports that than the 389 port .
0
Keith AlabasterEnterprise ArchitectCommented:
Thank you
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Forefront ISA Server

From novice to tech pro — start learning today.