We help IT Professionals succeed at work.

ISA 2006 outbound (inbound?) problems

Medium Priority
753 Views
Last Modified: 2012-06-27
Hi,

On company network I just suddently can't use remote desktop to connect to RD clients on the public side of my ISA. If I log on the ISA server itself, I can remote desktop fine.

Futhermore I have a couple of programs that use tcpip to connect to PC's on the internet, these programs doesn't work either.

I've also tried using IP's (to see if it was a DNS problem); but it's still the same.

All inbound seams normal (our webservers etc).

I haven't changed anything on the ISA server for months and have no clue why this just suddently happen.

When I logged on my ISA server, I could see it has been rebooted due to an important Windows Update .. but as far as I can see, the last update is 7 days old and my problem just started 2 days ago.

HELP! :o)
Comment
Watch Question

Raj-GTSystems Engineer
CERTIFIED EXPERT

Commented:
Looks like you have a Firewall policy in place blocking or not allowing outbound access to non web proxy protocols.

You can test this by creating a new firewall policy to allow RDP outbound to "All Users" users group. Make sute this rule is on top of the rule chain.

It will also help if you would copy the ISA log outputs here. (Monitoring > Logs tab)

Thanks,
Raj

Author

Commented:
Hi Raj,

Please notice it's not only RD it's some of my tcpip programs too.

Well I have a rule to allow all outbound, so I can't see what should prevent RD from outbound.

I've attached a xslx of the log, please notice that I've changed all external IPs for security reasons.The adress I'm trying to connect to is 85.83.16.129.

Thx for your help so far.

Mojo

log.xls
Raj-GTSystems Engineer
CERTIFIED EXPERT

Commented:
I don't see any packets coming back from 85.83.16.129 on your log. Is your allow all rule at the top of the rules table. Can you copy the rule details, interface configurations of ISA1 and also the network relationships pleas.

Thanks,
Raj
 

Author

Commented:
Yeah I don't get any packets back. If I have "allow all outbound" shouldn't I be able to RD out of my network?

Yes the rule is at top.

I've attached copy of rule and I'm not sure where to copy interface config and network relation.

I don't know why this suddently happen - I haven't touched the ISA for months and it stopped working 2-3 days ago.

Thanks!

Mojo

general.jpg
action.jpg
content.jpg
from.jpg
protocols.jpg
to.jpg
users.jpg
relation.jpg
Commented:
Hmmmm STRANGE .... now suddently everything works perfectly again ... hmmm.

I'M CONFUSED!

I will let this case be open for a couple of days ... thank you for your help so far.


:o)

Mojo

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.