Solved

Cannot Connect to ISA Server

Posted on 2008-09-29
4
772 Views
Last Modified: 2008-11-23
I have an ISA Server 2006 installed on Windows Server 2003. I only want one computer to use the ISA Server for internet access. When i configure this server with a network address range none of the computers can ping it. Even when i create a firewall policy and allow pretty much everything through including ping the other computers still can't ping it.
The ISA Server can get on the internet and i can log on to it remotely. But the internal computers can't use it as a proxy.
Not sure where i am going wrong.
0
Comment
Question by:nealerocks
  • 2
4 Comments
 
LVL 7

Expert Comment

by:vikasjus
ID: 22595881
If you have done installation of ISA from remote controle then it will allow remote system IP address to perform admin task like ping and remote ctrl. as it adds that system into remote admin rule.

By default ping traffic is not allowed from any machine to ISA server.
By default ISA proxy uses port 8080. check proxy settings on client pc with this port.
rest everything is game of rules, check that is configured properly. Network is define properly as internal and external. Keep eye on Monitoring which will tell you what is going wrong on your ISA.
0
 
LVL 12

Author Comment

by:nealerocks
ID: 22600777
The installation was done locally. I have created a firewall rule that allows ping smtp http https dns etc.
I have changed the proxy to use port 8081 and the client is also using that port.
The ISA server only has 1 NIC. Dont really want to use it as a firewall. Just want it to be a proxy so i can block some websites.
0
 
LVL 2

Expert Comment

by:shhashemi
ID: 22649116
hi,
since ISA Server is a state full firewall, it is important to have one rule set that allows the internal rangae see the isa server correctly.
topest rule ( internal>local) and the scound top rule (local>internal).
to solve the problem temproraly  , config both rules to allow full portocol access from both sides to each other.
then you can customise the rules to allow only the specific protocols you need .
you can use logging>monitoring tab to check which rul is denying the client access to tcp port 8080 on isa server.
make sure the http porxy is enabled correctly on isa server.
Good Luck
0
 
LVL 12

Accepted Solution

by:
nealerocks earned 0 total points
ID: 22989608
I have reconfigured ISA with the single network adapter template. It now does what we want it to.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Microsoft's ISA Server has been its pre-eminent security product for about a decade and is still regarded amongst the well-informed as one of the best software firewalls and application gateways ever released, by any manufacturer. ISA Server has bee…
Common practice undertaken by most system administrators is to document the configurations and final solutions of anything performed by them for their future use and reference. So here I am going to explain how to export ISA Server 2004 Firewall pol…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now