Solved

ISA 2000 - Opening Port for connectivity

Posted on 2007-12-02
2
701 Views
Last Modified: 2008-11-17
Hi Experts
I need to open the following port range 40000  40100 on my ISA 2000 server.
As I am fairly new to ISA, could I please ask for a detailed step for step on how to open this port range?
I have a Windows 2000 Domain, which sits behind an ISA 2000 server. This server is configured to be our firewall and proxy server.
Just want to check, but with these ports open, does it provide any threat to the security my network?
Please feel free to ask any questions, as I am not sure what else is needed from me at this point.
Any help would be much appreciated.
Regards
mustekkzn
0
Comment
Question by:mustekkzn
2 Comments
 
LVL 16

Accepted Solution

by:
2PiFL earned 500 total points
ID: 20391272

To grant access to a specific computer, you have to enable ISA to pass this connection by creating a Client Address Set and a protocol rule that allows the specific protocols from the specific client computers (based on IP address):
1.      In ISA Management, right-click your server, and then click Properties.
2.      Click to expand Access Policy.
3.      Right-click Protocol Rules, and then click New.
4.      Create a protocol rule that applies to the specific protocol that you want to allow (such as HTTP) or click All Protocols.
5.      Select the schedule for this protocol rule.
6.      Click Specific Computers (client address sets) as the client type to which this rule should apply.
7.      Create a client address set or use an existing one that contains the clients to which you want to grant access.
8.      Click Next, and then click Finish.

Opening any port increases your risk so you want to restrict who can use these ports.  THe above instructions will allow you to decide (by IP address) who can access the ports you define.

Here is an excellent resource for ISA 2000:

http://labmice.techtarget.com/BackOffice/ISAServer2000/configure.htm
0
 

Author Comment

by:mustekkzn
ID: 20394107
Hi there 2PiFL
Thanks so much for the above post. I really appreciate the fact that you did it step for step for me.
Also, I have to say what an excellent link you have provided. There are a lot of topics I would like to have a look into.
To get to my question now:
In above link, I did not get to specify any port range at any point. Where would I be doing this?
Kind regards
mustekkzn
0

Featured Post

3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In all versions of ISA Server and the current version of FTMG, the default https protocol uses TCP port 443 and 563 only. This cannot be changed within the ISA or FTMG GUI and must be completed from a Windows cmd prompt on the ISA Server itself. …
So the following errors occurs in 2 ways that I am aware of at this stage, and you receive one of the following error messages: ERROR 1. When trying to save a rule: No Web listener is specified for the Web publishing rule Autodiscovery Publishin…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question