Solved

A simple block external IP in ISA

Posted on 2009-05-04
8
945 Views
Last Modified: 2012-05-06
I want to create a simple deny rule that blocks traffic from Internet address x.x.x.x.  However, because ISA policies revolve around 'publishing' a server, I'm not sure how to do add this simple rule.
0
Comment
Question by:b_levitt
  • 4
  • 2
  • 2
8 Comments
 
LVL 12

Expert Comment

by:zoofan
ID: 24295829
I think this is what your looking to do,

Create a new client address set in policy elements that contains the external IP address's to block.

create a new publishing rule
     that applies to all internal destinations(or create a client set of internal destinations that you want it blocked from)
     apply the rule to requests from client address sets
     select the set you created to block
     Either disregard or redirect the request.


Restart your services.


zf


0
 
LVL 11

Author Comment

by:b_levitt
ID: 24299566
That's exactly what I want to do, but what kind of publishing rule do I create?  I want to block all traffic.  If I do a server publishing rule I could create a new "IP-Level" Protocol definition, but it will only let me specify a single ip destination.  I suppose the destination doesn't really matter and I could just use a loopback address or something?
0
 
LVL 12

Expert Comment

by:zoofan
ID: 24299947
To block all traffic use a web publishing rule,  server rules are per protocol if memory serves me right.


zf
0
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
LVL 11

Author Comment

by:b_levitt
ID: 24301484
No, that's only going to block port 80.  I'll try using a loop back with a server rule and see how it goes.
0
 
LVL 14

Accepted Solution

by:
Raj-GT earned 500 total points
ID: 24302650
Why not create a new access rule to "Deny" "all outbound traffic" from a Specific Computer set to "All Networks (and Local Host)"?
0
 
LVL 11

Author Comment

by:b_levitt
ID: 24311141
I tried that and it doesn't work - access rules seem to be based on internal traffic so "all outbound traffic" is relative to internal  traffic, not to the source specified on the rule.  The default 'deny' system rule seems to have a special "all traffic" value that is not selectable when creating your own access rule.
0
 
LVL 14

Expert Comment

by:Raj-GT
ID: 24312272
You are right! I didn't test it myself but the direction of traffic works based on the From destination normally. I think the easiest way to accomplish what you want is to use the router in front of ISA to block traffic from the selected IP. Most routers these days have basic firewall built in.
0
 
LVL 11

Author Closing Comment

by:b_levitt
ID: 31577547
Turns out you were right raj, I just didn't wait long enough for my original test connection to close so it looked like it was still getting thru.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

ISA Server detected routes through the network adapter LAN that do not correlate with the network to which this network adapter belongs What does this mean and how can one go about correcting it? In simple terms, this error message indicates t…
Common practice undertaken by most system administrators is to document the configurations and final solutions of anything performed by them for their future use and reference. So here I am going to explain how to export ISA Server 2004 Firewall pol…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question