asked on
Publish LDAP Protocol through ISA 2006
Hi All,
we have a3-legged ISA 2k6 server.
We have an LDAP server on the internal network.
My problems is we use an external site to host web portal which needs to connect to our LDAP server through ISA. However, all LDAP connection are Denied Connection by the default rule.
We are only expecting traffic on 389, so the protocl is published as standard through the wizzard.
I would be obliged if someone could shed some light on this problem for me. I've attached a log extract for further reference.
Many thanks,
Adam.
isalog.txt
we have a3-legged ISA 2k6 server.
We have an LDAP server on the internal network.
My problems is we use an external site to host web portal which needs to connect to our LDAP server through ISA. However, all LDAP connection are Denied Connection by the default rule.
We are only expecting traffic on 389, so the protocl is published as standard through the wizzard.
I would be obliged if someone could shed some light on this problem for me. I've attached a log extract for further reference.
Many thanks,
Adam.
isalog.txt
Software FirewallsMicrosoft Forefront ISA Server
Last Comment
Keith Alabaster
create a rule that allow LDAP from the desired server without any ports specified, and then tune to allow only the required port.
ASKER
It is only LDAP port 389 that is used, the log has all traffic from the single client IP.
So I've published the LDAP protocol on the ISA server and log files is the result.
Denied Connection by Default Rule.
So I've published the LDAP protocol on the ISA server and log files is the result.
Denied Connection by Default Rule.
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
Sorry, not been back in the office since oyur last post Keith.
Have now created a new protocol and rule, allowing LDAP inbound and I am stil seeing the same error in the logs:
FWX_E_POLICY_RULES_DENIED
389 LDAP Denied Connection Default rule
Have now created a new protocol and rule, allowing LDAP inbound and I am stil seeing the same error in the logs:
FWX_E_POLICY_RULES_DENIED
389 LDAP Denied Connection Default rule
ASKER
Aplogies and many thanks Keith, been away for to long. Just double checked everyhting and you solution was spot on.
Adam.
Adam.
No problem - glad it is resolved