How can i open a port in ISA 2006 for an Application that wana connect to outside sites

I have a scenario where A new library system applications need to access the outside sites on ports which are by default not open in ISA 2006.

Please tell me how to open those ports? how to create that policy ?
Who is Participating?
Keith AlabasterConnect With a Mentor Enterprise ArchitectCommented:
so is that via straight tcp calls or through https?

lets assume it is a normal tcp port.
open the gui - right-click the firewall policy on the left and select new - access rule
Give it a name, select allow
on the protocols, click add - click new
create a new protocol and give it the start and stop port number - in this case outbound 7090 - 7090 tcp, follow the rest of the wizard and select no to secondary connections then end that part of the wizard.

Now in the selected protocols, select the new protocol you just created - you'll find it in the user-defined section.
In the from box select internal and - if you want it it - from localhost
In the To box select external
In the users, select either ALL Users or - if the app is designed to carry user credentials, select an ad group or authenticated users. The likelihood is you will need to select All users.
Finish the wizard and apply.
Job done
Create new Access Rule , and when it asks you about what protocols you want to open , click on Ports Button and select what ports you want to enable.

Good Luck
Keith AlabasterEnterprise ArchitectCommented:
What port numbers and what protocols? If the protocol is https, for example, you will need to add the additional port numbers through the port range extender.
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Amir4uAuthor Commented:
thanx guys for the response. port 7090 is required to be open for a online library website.  So shall I add protocols any ?  or just enter the port(s) ?
Keith AlabasterEnterprise ArchitectCommented:
As an aside, make sure this rule is above any deny rules.....
Amir4uAuthor Commented:
Hi Keith,

thanx for your reply,

I added the port ....shall i also add the url to which this port is suppose to contact.

After adding this rule i am testing if it is working or not.

Is this the correct way to test it?

telnet - url - 7090 ?

if this is correct then it is not telneting still to the port....
Amir4uAuthor Commented:
well the full url to which this port shud open is

telnet **** 7090

so should I add something in the policy also about this url ?
Keith AlabasterEnterprise ArchitectCommented:
If you use the telnet command to test the connection then you should just get back a black screen with a flashing cursor
Amir4uAuthor Commented:
it is working when i telnet the ipaddress and port of the url but it is still not working wen i telnet with the actual url and port there any configuration problem ? why by IP and why not by name ?
Keith AlabasterEnterprise ArchitectCommented:
hang on - you need to sort out your terminiology here. A URL is not a 'Name' or ip address, it is a name AND a location within a structure. Telnet deals with a host name or an ip address and a particular port. Therefore Telnet can prove whether the host is available and listening on the specific port number specified.

Telnet cannot tell you whether the web service is running on that port number on that host. Telnet definitely cannot tell you whether that URL is available or even exists.

That is what the web browser does - on the assumption that the host allows access through its firewalls.
Keith AlabasterEnterprise ArchitectCommented:
thanks :)
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.