• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 518
  • Last Modified:

Open Port from the internet to inside my organization isa2006

Hi


i need to open like 10 port from internet to inside my organization
this is what i did

firewall policy
new access rules
new protocol
let say port 3550 (tcp and UDP receive send)
from External / anywhere
to internal
all user


the bug is this
when i test on this site
http://www.yougetsignal.com/tools/open-ports/

my port is closed ????

i do know why
0
Victor Charpentier
Asked:
Victor Charpentier
1 Solution
 
Bruno PACIIT ConsultantCommented:
Hi,

First of all, ISA makes difference between internal network (that you define by associating IP ranges to network objects in ISA) and the external network that is everything else...

For incoming traffic, meaning IP requests that come from the external network, you need to make "publishing rules", not "access rules". Access rules only apply to outgoing traffic, meaning IP request coming from one of the explicitely defined network.

Also, if your internal network uses private IP range (like 10.x.x.x, 172.16.x.x to 172.31.x.x, or 192.168.x.x) then your ISA server is NATing outgoing traffics. In this situation you can not create rules to allow incoming traffic to reach any IP address in the internal network. What you only can do is create a publishing rule to reach ONE internal IP address for ONE TCP port.

If you want some people on Internet to reach your whole internal network using some ports you need to configure VPN...


Have a good day.
0
 
Keith AlabasterCommented:
I use access lists from external to internal or the perimeter quite a lot but this is always when I use route relationships from the source network to the target network.

If you are Natting from internal to external then the non-web-server publishing rules are your best option.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now