Arabsoft_AD
asked on
ISA 2006 and Ports
I have ISA 2006 and i want to open a port from our network for our DVR to send traffic and receive traffic from outside, the ports are 7000 to 7000 and 7001 to 7001 and the IP address is 192.168.10.223 and 192.168.10.224.
Thanks
Thanks
Dear Arabsoft_AD,
If the previous solution is succesfuly works for you, please assign the points to my avvont because the other account is shared between my corporate colleagues.
Thank You,
MKhairy
If the previous solution is succesfuly works for you, please assign the points to my avvont because the other account is shared between my corporate colleagues.
Thank You,
MKhairy
You also have to make sure that the network relationship is not NAT for it to work in mkhairy's way.
Unless by outside you mean the internet. Then it has to be NAT and you will have to publish the two DVR's IPs.
Unless by outside you mean the internet. Then it has to be NAT and you will have to publish the two DVR's IPs.
No offence but none of the above is likely to work as there is nowhere near enough information.
What protocol is being used - as the dvr needs to talk to external devices, it is likely to be tcp traffic rather than udp and using the https on the assumption that it needs to be secure. If it IS https then ports 7000 and 7001 are not supported by default within ISA Server and the ISA Tunnel Port Range Extender utility will be required. You can get it directly from the www.isatools.org web site if this is the case, courtesy of Jim Harrison. http://www.isatools.org/to
If you can give some more fulsome information on what the requirement is then the more likely we can give you a definitive answer.
Secondly, the points can only be assigned to respondents within this question that point to the answer. If you wish to have an answer accepted then please use that account when you submit your reply. It is not good policy to push points to a different account. Whilst I do not doubt your integrity in pointing out that you are both of the user names (one corporate, one your own) it would not be abn acceptable practice.
Keith
MS ISA & Forefront MVP
What protocol is being used - as the dvr needs to talk to external devices, it is likely to be tcp traffic rather than udp and using the https on the assumption that it needs to be secure. If it IS https then ports 7000 and 7001 are not supported by default within ISA Server and the ISA Tunnel Port Range Extender utility will be required. You can get it directly from the www.isatools.org web site if this is the case, courtesy of Jim Harrison. http://www.isatools.org/to
If you can give some more fulsome information on what the requirement is then the more likely we can give you a definitive answer.
Secondly, the points can only be assigned to respondents within this question that point to the answer. If you wish to have an answer accepted then please use that account when you submit your reply. It is not good policy to push points to a different account. Whilst I do not doubt your integrity in pointing out that you are both of the user names (one corporate, one your own) it would not be abn acceptable practice.
Keith
MS ISA & Forefront MVP
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Than you so much Keith for your kind welcome and I am really happy to gain more knowledge and learn from an expertise like you.
@ Arabsoft: I am glad to help.
Regards,
MKhairy
@ Arabsoft: I am glad to help.
Regards,
MKhairy
outbound ports:
Go to firewall policy------>open Toolbox tab in the right pane---->Open Protocols---->Select New---->choose protocol----->Define a name for the new custom protocol such as DVR_ SEND_PORTS then press next----->New-->Choose protocol type ( TCP or UDP ) and choose the direction to be outbound and the port range from 7000 to 7001---->then next and ok to close the wizard.
inbound ports:
Go to firewall policy------>open Toolbox tab in the right pane---->Open Protocols---->Select New---->choose protocol----->Define a name for the new custom protocol such as DVR_ RECEIVE_PORTS then press next----->New-->Choose protocol type ( TCP or UDP ) and choose the direction to be inboundand the port range from 7000 to 7001---->then next and ok to close the wizard.
Custom Address Range:
Go to firewall policy------>open Toolbox tab in the right pane---->Open Network objects---->Select New---->choose Address Range ----->Define a name for the new custom Address Range such as DVR_ Computers then put your address range----->Now press ok and close the wizard.
Now you have to create a new access rules using the new ports and address range as follow:
Go to firewall policy------>open Tasks tab in the right pane----> Select Create Access Rule---->Define a name for it---->choose Allow ----->Now you will choose the ports that you have created before----->Choose selected protocols and click add------> Select User Defined and then add your DVR ports----->Next----> Add your server range which have been created before and external -------->press next ----> add again external and your DVR address range.
Now press next and then apply the new settings Then test your DVR servers.
Regards,
MKhairy