adamlcohen

Publish LDAP Protocol through ISA 2006

Hi All,

We have a 3-legged ISA 2k6 server.

We have an LDAP server on the internal network.
My problem is we use an external site to host a web portal which needs to connect to our LDAP server through ISA. However, all LDAP connections are Denied Connection by the default rule.

We are only expecting traffic on 389, so the protocol is published as standard through the wizard.

I would be obliged if someone could shed some light on this problem for me. I've attached a log extract for further reference.

Many thanks,
Adam.
isalog.txt
Hisham_Elkouha

Create a rule that allows LDAP from the desired server without any ports specified, and then tune to allow only the required port.
adamlcohen

ASKER

It is only LDAP port 389 that is used, the log has all traffic from the single client IP.

So I've published the LDAP protocol on the ISA server and the log file is the result.
Denied Connection by Default Rule.
ASKER CERTIFIED SOLUTION
Keith Alabaster
Sorry, not been back in the office since your last post Keith.

Have now created a new protocol and rule, allowing LDAP inbound and I am still seeing the same error in the logs:

FWX_E_POLICY_RULES_DENIED
389      LDAP      Denied Connection      Default rule
Apologies and many thanks Keith, been away for too long. Just double checked everything and your solution was spot on.

Adam.
No problem - glad it is resolved