ISA/TMG Firewall policy with multiple allowed ports?

Posted on 2010-09-16
Last Modified: 2012-05-10
Am I missing something or do you really need to create a separate policy for every port you want to allow?  For example, if I want to allow ports 80, 443, 1207, 8080 and 15000 to specific internal server, do I really need to create 5 policies?  This would get messy really quick for a large number of servers/policies.  
Question by:dkraut
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2

Assisted Solution

araberuni earned 50 total points
ID: 33699417
If its allowing ports to specific internal server such as

Policy name: xxz
Action: Allow
Protocol: http,https, user-defined (1207,8080,15000)
Destination:ComputerName or internal server
Users:All-users /your users

Then it should be ok. No need to create 5 rules. However, if you are publishing web server then use web publishing rule for each of them. It would not be messy just select all similar rules>right click>group them. you will be organised.

Author Comment

ID: 33700072
Then I must be missing something.  I don't see any way to select more than a single protocol/port per policy or create a custom protocol object that includes more than 1 port?   Is it "secondary connections" maybe?
LVL 49

Accepted Solution

Akhater earned 450 total points
ID: 33704777
No actually you are not missing anything when you are publishing a server you can only specify one protocol/port

in your case you will need 5 rules
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Expert Comment

ID: 33710403
Please let me know, is it a web publishing rule or allowing protocols?? Please explain a bit.
LVL 49

Expert Comment

ID: 33710543
@araberuni the OP is obviously talking about server publishing rules and he is right he will need to create 5 rules as I said earlier

Author Closing Comment

ID: 33827608

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Forefront Threat Management Gateway 2010 or FTMG comes with some very neat troubleshooting tools built-in when trying to identify what is actually happening behind the scenes within the product when traffic is passing through its interfaces. To the …
Common practice undertaken by most system administrators is to document the configurations and final solutions of anything performed by them for their future use and reference. So here I am going to explain how to export ISA Server 2004 Firewall pol…
In a recent question ( here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question