Solved

Open Port from the internet to inside my organization isa2006

Posted on 2010-08-17
2
502 Views
Last Modified: 2012-05-10
Hi


i need to open like 10 port from internet to inside my organization
this is what i did

firewall policy
new access rules
new protocol
let say port 3550 (tcp and UDP receive send)
from External / anywhere
to internal
all user


the bug is this
when i test on this site
http://www.yougetsignal.com/tools/open-ports/

my port is closed ????

i do know why
0
Comment
Question by:Victor Charpentier
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 16

Accepted Solution

by:
Bruno PACI earned 500 total points
ID: 33458763
Hi,

First of all, ISA makes difference between internal network (that you define by associating IP ranges to network objects in ISA) and the external network that is everything else...

For incoming traffic, meaning IP requests that come from the external network, you need to make "publishing rules", not "access rules". Access rules only apply to outgoing traffic, meaning IP request coming from one of the explicitely defined network.

Also, if your internal network uses private IP range (like 10.x.x.x, 172.16.x.x to 172.31.x.x, or 192.168.x.x) then your ISA server is NATing outgoing traffics. In this situation you can not create rules to allow incoming traffic to reach any IP address in the internal network. What you only can do is create a publishing rule to reach ONE internal IP address for ONE TCP port.

If you want some people on Internet to reach your whole internal network using some ports you need to configure VPN...


Have a good day.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 33459036
I use access lists from external to internal or the perimeter quite a lot but this is always when I use route relationships from the source network to the target network.

If you are Natting from internal to external then the non-web-server publishing rules are your best option.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In Africa (and potentially where you live…), reliability of ISPs is questionable.  With the increased reliance on e-mail as one of the primary forms of communication, the costs to business are significant based on interuption of ISP Connectivity.  T…
Common practice undertaken by most system administrators is to document the configurations and final solutions of anything performed by them for their future use and reference. So here I am going to explain how to export ISA Server 2004 Firewall pol…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar. Int…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question