?
Solved

How to open a port on ISA Server

Posted on 2010-09-10
14
Medium Priority
?
550 Views
Last Modified: 2012-06-27
I have been asked to do the following, open ports 44310 and 44312 on https.  Can someone help me to open these ports on the ISA server?  I tried creating a rule but don't know if I did it correctly.

Thanks in advance for any information
0
Comment
Question by:mwebb_sdmc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 4
  • +1
14 Comments
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 668 total points
ID: 33648634
0
 
LVL 10

Assisted Solution

by:simonlimon
simonlimon earned 664 total points
ID: 33650195
Is the service that needs to be accessed  on TMG/ISA server?

What kind of relationship is there between the networks (the source and destination) NAT or route?

This means a difference between publishing a server rule and an access rule.

I would first create a new protocol definition for 44310 and 44312 TCP. And then create an appropriate rule for access using this protocol.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 33650257
Simon - it is for https therefore it does not need a protocol - https is the protocol. ISA and FTMG only allows https over ports 443 and 563 out of the box.

You need to use the ISA_tpr.js script to add additional https to operate over additional ports. Once done, the existing https definition, regardless of access rule or publishing rule will include the new port number. All it requires is stopping and restarting the ISA or FTMG services after it is added.

Keith
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 10

Expert Comment

by:simonlimon
ID: 33650321
Keith,
I agree with you, but this applies only if wants to perform HTTP(S) publishing. He can workaround this by just allowing access directly to the service on a specific port - Server publishing rule, therefore ISA would not care what kind of traffic it is - handle the traffic at layer 2 rather than layer 7.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 33651881
You think so?
0
 
LVL 10

Expert Comment

by:simonlimon
ID: 33654108
sorry, my mistake - the correct thing to say would be to handle it layer 4 instead of layer 7.

He could do either thing, it's mwebb's choice, but handling this with HTTPS publishing would be more secure.

But again it depends on the application.
0
 
LVL 1

Assisted Solution

by:amjad4
amjad4 earned 668 total points
ID: 33660393
Hi mwebb_sdmc:-
                               Here is your answer. pleas see file.

isa-port-open.doc
0
 

Author Comment

by:mwebb_sdmc
ID: 33661763
Thanks everyone, I will try this today, I had most of it completed the way I thought it should be done with a few tweaks (thanks Amjad4).  Is there a good way to test if I have completed correctly?  I just have to go through and check my work again because the site still isn't working, but I need to make sure it is not the FW so that I can go back to IBM and let them know.

Thanks again!
0
 
LVL 10

Expert Comment

by:simonlimon
ID: 33661822
You can check the session state and monitor what happens with these ports

TMG Console ->  logs and reporting - > logging tab
0
 

Author Comment

by:mwebb_sdmc
ID: 33662062
I am sorry I don't mean to be a completely ignorant, but unfortunately on the ISA I am.  I searched google but couldn't find the correct answer.  I am now getting "Failed Connection Attempt" in my log file.  I don't think the url is correct it has a space in it, but IBM assures me it is correct.

Thanks again for all your help!
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 33684865
I guess by now you have decided it cannot be done except the way I have advised?
0
 

Author Comment

by:mwebb_sdmc
ID: 33684884
To be completely honest I am not sure if it is working or not.  I can't get to the web site, I do not know why they would make it so difficult to get to their sites when we are business partners!  Of course IBM is IBM they do what they want and we just deal with it..
0
 
LVL 10

Expert Comment

by:simonlimon
ID: 33692610
I am really curious what was the solution? Would you mind sharing?
0
 

Author Comment

by:mwebb_sdmc
ID: 33791496
I am not sure what the resolution was, I followed all the examples and I was able to get it working.  I am not at all sure it was even the firewall because IBM had to resolve some other issues.

Thank you all for your help!
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Forefront is the brand name for Microsoft's major security product. Forefront covers a number of specific security areas and has 'swallowed' a number of applications under this umbrella including Antigen, ISA Server, the Integrated Access Gateway (t…
There are several problems reported according slow link speeds or poor performance in TMG 2010, UAG 2010 or ISA 2006. I want to collect here some of the common issues together to give a brief overview what can be the reason. Nevertheless, not all of…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question