Acces to a TCP port to a WS

TheMSsForum.com: The Microsoft Software Forum

I have a SBS2000 network. The server has 2 network adapters. One for
intranet an one for Internet, with a public static address. Isa server is
installed.
Now i need to map tcp port 7020 to a client workstation in the lan from the
public address.
The client is DHCP, but i can make a reservation to get always same private
ip.
Im not sure how to make this in ISA. Can anyone help me?
Top

Re: Acces to a TCP port to a WS by Javier

Javier
Sat May 22 09:19:44 CDT 2004

Open the ISA console and run the server publishing wizard... it will take
you over doing it (do the reservation first). Can I ask why you need to
publish 7020?

1) First open the ISA console (Start->Programs->MS ISA Server-> ISA
Management->Servers and Arrays-> %servername%).

2) Create a new protocol definition for Whatever (using TCP 7020 Inbound)...
unless you have this already. Policy Elements-> Protocol Definitions-> New

3) Run the Server Publishing Wizard (Publishing-> right-click Server
Publishing Rules-> New-> Rule). Follow the Wizard instructions... you will
need to enter the IP address of the Win2k Server, and select the protocol
created on step #2 from the list.

4) If you have a Firewall/Router in front of ISA make sure that you forward
TCP 7020 to the external interface of the SBS box.

--
Javier [SBS MVP]

<< SBS ROCKS !!! >>

"acon" <ezacon@hotmail.com> wrote in message
news:eHLeyF$PEHA.2404@TK2MSFTNGP12.phx.gbl...
> I have a SBS2000 network. The server has 2 network adapters. One for
> intranet an one for Internet, with a public static address. Isa server is
> installed.
> Now i need to map tcp port 7020 to a client workstation in the lan from
the
> public address.
> The client is DHCP, but i can make a reservation to get always same
private
> ip.
> Im not sure how to make this in ISA. Can anyone help me?
>
>


Top

Re: Acces to a TCP port to a WS by acon

acon
Sat May 22 10:55:15 CDT 2004

This port is used by a banking application.

Thanks i whill try this inmediately

"Javier Gomez [SBS MVP]" <javier_gomez@remove.this.engineer.com> escribió en
el mensaje news:%23cdeVfAQEHA.3732@TK2MSFTNGP11.phx.gbl...
> Open the ISA console and run the server publishing wizard... it will take
> you over doing it (do the reservation first). Can I ask why you need to
> publish 7020?
>
> 1) First open the ISA console (Start->Programs->MS ISA Server-> ISA
> Management->Servers and Arrays-> %servername%).
>
> 2) Create a new protocol definition for Whatever (using TCP 7020
Inbound)...
> unless you have this already. Policy Elements-> Protocol Definitions-> New
>
> 3) Run the Server Publishing Wizard (Publishing-> right-click Server
> Publishing Rules-> New-> Rule). Follow the Wizard instructions... you will
> need to enter the IP address of the Win2k Server, and select the protocol
> created on step #2 from the list.
>
> 4) If you have a Firewall/Router in front of ISA make sure that you
forward
> TCP 7020 to the external interface of the SBS box.
>
> --
> Javier [SBS MVP]
>
> << SBS ROCKS !!! >>
>
> "acon" <ezacon@hotmail.com> wrote in message
> news:eHLeyF$PEHA.2404@TK2MSFTNGP12.phx.gbl...
> > I have a SBS2000 network. The server has 2 network adapters. One for
> > intranet an one for Internet, with a public static address. Isa server
is
> > installed.
> > Now i need to map tcp port 7020 to a client workstation in the lan from
> the
> > public address.
> > The client is DHCP, but i can make a reservation to get always same
> private
> > ip.
> > Im not sure how to make this in ISA. Can anyone help me?
> >
> >
>
>


Top

Re: Acces to a TCP port to a WS by Javier

Javier
Sat May 22 11:48:27 CDT 2004

Inbound? That sounds kind of stange.

If it doesn't work.. I would double check that first.

--
Javier [SBS MVP]

<< SBS ROCKS !!! >>

"acon" <ezacon@hotmail.com> wrote in message
news:uNaA1UBQEHA.3596@tk2msftngp13.phx.gbl...
> This port is used by a banking application.
>
> Thanks i whill try this inmediately
>
> "Javier Gomez [SBS MVP]" <javier_gomez@remove.this.engineer.com> escribió
en
> el mensaje news:%23cdeVfAQEHA.3732@TK2MSFTNGP11.phx.gbl...
> > Open the ISA console and run the server publishing wizard... it will
take
> > you over doing it (do the reservation first). Can I ask why you need to
> > publish 7020?
> >
> > 1) First open the ISA console (Start->Programs->MS ISA Server-> ISA
> > Management->Servers and Arrays-> %servername%).
> >
> > 2) Create a new protocol definition for Whatever (using TCP 7020
> Inbound)...
> > unless you have this already. Policy Elements-> Protocol Definitions->
New
> >
> > 3) Run the Server Publishing Wizard (Publishing-> right-click Server
> > Publishing Rules-> New-> Rule). Follow the Wizard instructions... you
will
> > need to enter the IP address of the Win2k Server, and select the
protocol
> > created on step #2 from the list.
> >
> > 4) If you have a Firewall/Router in front of ISA make sure that you
> forward
> > TCP 7020 to the external interface of the SBS box.
> >
> > --
> > Javier [SBS MVP]
> >
> > << SBS ROCKS !!! >>
> >
> > "acon" <ezacon@hotmail.com> wrote in message
> > news:eHLeyF$PEHA.2404@TK2MSFTNGP12.phx.gbl...
> > > I have a SBS2000 network. The server has 2 network adapters. One for
> > > intranet an one for Internet, with a public static address. Isa server
> is
> > > installed.
> > > Now i need to map tcp port 7020 to a client workstation in the lan
from
> > the
> > > public address.
> > > The client is DHCP, but i can make a reservation to get always same
> > private
> > > ip.
> > > Im not sure how to make this in ISA. Can anyone help me?
> > >
> > >
> >
> >
>
>


Top

Re: Acces to a TCP port to a WS by acon

acon
Sat May 22 12:29:43 CDT 2004

Yes it's strange, but tech people at bank said they need both in and outboud
access to this port...


"Javier Gomez [SBS MVP]" <javier_gomez@remove.this.engineer.com> escribió en
el mensaje news:uJsqmyBQEHA.1160@TK2MSFTNGP09.phx.gbl...
> Inbound? That sounds kind of stange.
>
> If it doesn't work.. I would double check that first.
>
> --
> Javier [SBS MVP]
>
> << SBS ROCKS !!! >>
>
> "acon" <ezacon@hotmail.com> wrote in message
> news:uNaA1UBQEHA.3596@tk2msftngp13.phx.gbl...
> > This port is used by a banking application.
> >
> > Thanks i whill try this inmediately
> >
> > "Javier Gomez [SBS MVP]" <javier_gomez@remove.this.engineer.com>
escribió
> en
> > el mensaje news:%23cdeVfAQEHA.3732@TK2MSFTNGP11.phx.gbl...
> > > Open the ISA console and run the server publishing wizard... it will
> take
> > > you over doing it (do the reservation first). Can I ask why you need
to
> > > publish 7020?
> > >
> > > 1) First open the ISA console (Start->Programs->MS ISA Server-> ISA
> > > Management->Servers and Arrays-> %servername%).
> > >
> > > 2) Create a new protocol definition for Whatever (using TCP 7020
> > Inbound)...
> > > unless you have this already. Policy Elements-> Protocol Definitions->
> New
> > >
> > > 3) Run the Server Publishing Wizard (Publishing-> right-click Server
> > > Publishing Rules-> New-> Rule). Follow the Wizard instructions... you
> will
> > > need to enter the IP address of the Win2k Server, and select the
> protocol
> > > created on step #2 from the list.
> > >
> > > 4) If you have a Firewall/Router in front of ISA make sure that you
> > forward
> > > TCP 7020 to the external interface of the SBS box.
> > >
> > > --
> > > Javier [SBS MVP]
> > >
> > > << SBS ROCKS !!! >>
> > >
> > > "acon" <ezacon@hotmail.com> wrote in message
> > > news:eHLeyF$PEHA.2404@TK2MSFTNGP12.phx.gbl...
> > > > I have a SBS2000 network. The server has 2 network adapters. One for
> > > > intranet an one for Internet, with a public static address. Isa
server
> > is
> > > > installed.
> > > > Now i need to map tcp port 7020 to a client workstation in the lan
> from
> > > the
> > > > public address.
> > > > The client is DHCP, but i can make a reservation to get always same
> > > private
> > > > ip.
> > > > Im not sure how to make this in ISA. Can anyone help me?
> > > >
> > > >
> > >
> > >
> >
> >
>
>


Top

Re: Acces to a TCP port to a WS by Chad

Chad
Sat May 22 12:45:39 CDT 2004

I'd check to see if it works without a server publishing rule. ISA will
allow inbound traffic for a client over any given port assuming that:

1) the client initiated the request (outbound traffic)
2) there is a protocol rule in place allowing the outbound traffic

You should only need to set up a server publishing rule if you need to
accept traffic from unsolicited internet requests. (E.g. - the bank can
connect to your workstation whenever they want from their location, without
anyone needing to be at the workstation)

99% of the time, client applications like this only need outbound access
through ISA to work. In some situations, you may need to enable secondary
connections to allow the host server to connect via a different port after
the initial connection is made, but the way secondary connections work, you
can still prevent from throwing those ports up wide open . . .

--

Chad A. Gross - SBS MVP
SBS ROCKS!

www.msmvps.com/cgross
www.gosbs.org


acon wrote:
> Yes it's strange, but tech people at bank said they need both in and
> outboud access to this port...
>
>
> "Javier Gomez [SBS MVP]" <javier_gomez@remove.this.engineer.com>
> escribió en el mensaje news:uJsqmyBQEHA.1160@TK2MSFTNGP09.phx.gbl...
>> Inbound? That sounds kind of stange.
>>
>> If it doesn't work.. I would double check that first.
>>
>> --
>> Javier [SBS MVP]
>>
>> << SBS ROCKS !!! >>
>>
>> "acon" <ezacon@hotmail.com> wrote in message
>> news:uNaA1UBQEHA.3596@tk2msftngp13.phx.gbl...
>>> This port is used by a banking application.
>>>
>>> Thanks i whill try this inmediately
>>>
>>> "Javier Gomez [SBS MVP]" <javier_gomez@remove.this.engineer.com>
>>> escribió en el mensaje
>>> news:%23cdeVfAQEHA.3732@TK2MSFTNGP11.phx.gbl...
>>>> Open the ISA console and run the server publishing wizard... it
>>>> will take you over doing it (do the reservation first). Can I ask
>>>> why you need to publish 7020?
>>>>
>>>> 1) First open the ISA console (Start->Programs->MS ISA Server-> ISA
>>>> Management->Servers and Arrays-> %servername%).
>>>>
>>>> 2) Create a new protocol definition for Whatever (using TCP 7020
>>>> Inbound)... unless you have this already. Policy Elements->
>>>> Protocol Definitions-> New
>>>>
>>>> 3) Run the Server Publishing Wizard (Publishing-> right-click
>>>> Server Publishing Rules-> New-> Rule). Follow the Wizard
>>>> instructions... you will need to enter the IP address of the Win2k
>>>> Server, and select the protocol created on step #2 from the list.
>>>>
>>>> 4) If you have a Firewall/Router in front of ISA make sure that
>>>> you forward TCP 7020 to the external interface of the SBS box.
>>>>
>>>> --
>>>> Javier [SBS MVP]
>>>>
>>>> << SBS ROCKS !!! >>
>>>>
>>>> "acon" <ezacon@hotmail.com> wrote in message
>>>> news:eHLeyF$PEHA.2404@TK2MSFTNGP12.phx.gbl...
>>>>> I have a SBS2000 network. The server has 2 network adapters. One
>>>>> for intranet an one for Internet, with a public static address.
>>>>> Isa server is installed.
>>>>> Now i need to map tcp port 7020 to a client workstation in the
>>>>> lan from the public address.
>>>>> The client is DHCP, but i can make a reservation to get always
>>>>> same private ip.
>>>>> Im not sure how to make this in ISA. Can anyone help me?


Top

Re: Acces to a TCP port to a WS by acon

acon
Sat May 22 13:18:07 CDT 2004

Yes you are right, the client always initiate the comunication.
I have created a protocol definition and a protocol rule using this protocol
definition to grant access outboud to a AD group, where the user is
included.
I d'ont know if i have to create packet filter to allow comunication on this
port.
I am not an isa expert, so can you explain al the needed steeps to do that?

Thanks




"Chad A. Gross [SBS MVP]" <chad.gross@laytonflower.nospam.com> escribió en
el mensaje news:ulzVZSCQEHA.3708@TK2MSFTNGP10.phx.gbl...
> I'd check to see if it works without a server publishing rule. ISA will
> allow inbound traffic for a client over any given port assuming that:
>
> 1) the client initiated the request (outbound traffic)
> 2) there is a protocol rule in place allowing the outbound traffic
>
> You should only need to set up a server publishing rule if you need to
> accept traffic from unsolicited internet requests. (E.g. - the bank can
> connect to your workstation whenever they want from their location,
without
> anyone needing to be at the workstation)
>
> 99% of the time, client applications like this only need outbound access
> through ISA to work. In some situations, you may need to enable secondary
> connections to allow the host server to connect via a different port after
> the initial connection is made, but the way secondary connections work,
you
> can still prevent from throwing those ports up wide open . . .
>
> --
>
> Chad A. Gross - SBS MVP
> SBS ROCKS!
>
> www.msmvps.com/cgross
> www.gosbs.org
>
>
> acon wrote:
> > Yes it's strange, but tech people at bank said they need both in and
> > outboud access to this port...
> >
> >
> > "Javier Gomez [SBS MVP]" <javier_gomez@remove.this.engineer.com>
> > escribió en el mensaje news:uJsqmyBQEHA.1160@TK2MSFTNGP09.phx.gbl...
> >> Inbound? That sounds kind of stange.
> >>
> >> If it doesn't work.. I would double check that first.
> >>
> >> --
> >> Javier [SBS MVP]
> >>
> >> << SBS ROCKS !!! >>
> >>
> >> "acon" <ezacon@hotmail.com> wrote in message
> >> news:uNaA1UBQEHA.3596@tk2msftngp13.phx.gbl...
> >>> This port is used by a banking application.
> >>>
> >>> Thanks i whill try this inmediately
> >>>
> >>> "Javier Gomez [SBS MVP]" <javier_gomez@remove.this.engineer.com>
> >>> escribió en el mensaje
> >>> news:%23cdeVfAQEHA.3732@TK2MSFTNGP11.phx.gbl...
> >>>> Open the ISA console and run the server publishing wizard... it
> >>>> will take you over doing it (do the reservation first). Can I ask
> >>>> why you need to publish 7020?
> >>>>
> >>>> 1) First open the ISA console (Start->Programs->MS ISA Server-> ISA
> >>>> Management->Servers and Arrays-> %servername%).
> >>>>
> >>>> 2) Create a new protocol definition for Whatever (using TCP 7020
> >>>> Inbound)... unless you have this already. Policy Elements->
> >>>> Protocol Definitions-> New
> >>>>
> >>>> 3) Run the Server Publishing Wizard (Publishing-> right-click
> >>>> Server Publishing Rules-> New-> Rule). Follow the Wizard
> >>>> instructions... you will need to enter the IP address of the Win2k
> >>>> Server, and select the protocol created on step #2 from the list.
> >>>>
> >>>> 4) If you have a Firewall/Router in front of ISA make sure that
> >>>> you forward TCP 7020 to the external interface of the SBS box.
> >>>>
> >>>> --
> >>>> Javier [SBS MVP]
> >>>>
> >>>> << SBS ROCKS !!! >>
> >>>>
> >>>> "acon" <ezacon@hotmail.com> wrote in message
> >>>> news:eHLeyF$PEHA.2404@TK2MSFTNGP12.phx.gbl...
> >>>>> I have a SBS2000 network. The server has 2 network adapters. One
> >>>>> for intranet an one for Internet, with a public static address.
> >>>>> Isa server is installed.
> >>>>> Now i need to map tcp port 7020 to a client workstation in the
> >>>>> lan from the public address.
> >>>>> The client is DHCP, but i can make a reservation to get always
> >>>>> same private ip.
> >>>>> Im not sure how to make this in ISA. Can anyone help me?
>
>


Top

Re: Acces to a TCP port to a WS by Chad

Chad
Sat May 22 13:43:12 CDT 2004

Hi acon -

You shouldn't need to create any packet filters. Packet filters apply to
the ISA server itself, where protocol rules apply to clients.

For an intro to ISA, check out
http://www.smallbizserver.net/DesktopDefault.aspx?tabid=91

--

Chad A. Gross - SBS MVP
SBS ROCKS!

www.msmvps.com/cgross
www.gosbs.org


acon wrote:
> Yes you are right, the client always initiate the comunication.
> I have created a protocol definition and a protocol rule using this
> protocol definition to grant access outboud to a AD group, where the
> user is included.
> I d'ont know if i have to create packet filter to allow comunication
> on this port.
> I am not an isa expert, so can you explain al the needed steeps to do
> that?
>
> Thanks
>
>
>
>
> "Chad A. Gross [SBS MVP]" <chad.gross@laytonflower.nospam.com>
> escribió en el mensaje news:ulzVZSCQEHA.3708@TK2MSFTNGP10.phx.gbl...
>> I'd check to see if it works without a server publishing rule. ISA
>> will allow inbound traffic for a client over any given port assuming
>> that:
>>
>> 1) the client initiated the request (outbound traffic)
>> 2) there is a protocol rule in place allowing the outbound traffic
>>
>> You should only need to set up a server publishing rule if you need
>> to accept traffic from unsolicited internet requests. (E.g. - the
>> bank can connect to your workstation whenever they want from their
>> location, without anyone needing to be at the workstation)
>>
>> 99% of the time, client applications like this only need outbound
>> access through ISA to work. In some situations, you may need to
>> enable secondary connections to allow the host server to connect via
>> a different port after the initial connection is made, but the way
>> secondary connections work, you can still prevent from throwing
>> those ports up wide open . . .
>>
>> --
>>
>> Chad A. Gross - SBS MVP
>> SBS ROCKS!
>>
>> www.msmvps.com/cgross
>> www.gosbs.org
>>
>>
>> acon wrote:
>>> Yes it's strange, but tech people at bank said they need both in and
>>> outboud access to this port...
>>>
>>>
>>> "Javier Gomez [SBS MVP]" <javier_gomez@remove.this.engineer.com>
>>> escribió en el mensaje news:uJsqmyBQEHA.1160@TK2MSFTNGP09.phx.gbl...
>>>> Inbound? That sounds kind of stange.
>>>>
>>>> If it doesn't work.. I would double check that first.
>>>>
>>>> --
>>>> Javier [SBS MVP]
>>>>
>>>> << SBS ROCKS !!! >>
>>>>
>>>> "acon" <ezacon@hotmail.com> wrote in message
>>>> news:uNaA1UBQEHA.3596@tk2msftngp13.phx.gbl...
>>>>> This port is used by a banking application.
>>>>>
>>>>> Thanks i whill try this inmediately
>>>>>
>>>>> "Javier Gomez [SBS MVP]" <javier_gomez@remove.this.engineer.com>
>>>>> escribió en el mensaje
>>>>> news:%23cdeVfAQEHA.3732@TK2MSFTNGP11.phx.gbl...
>>>>>> Open the ISA console and run the server publishing wizard... it
>>>>>> will take you over doing it (do the reservation first). Can I ask
>>>>>> why you need to publish 7020?
>>>>>>
>>>>>> 1) First open the ISA console (Start->Programs->MS ISA Server->
>>>>>> ISA Management->Servers and Arrays-> %servername%).
>>>>>>
>>>>>> 2) Create a new protocol definition for Whatever (using TCP 7020
>>>>>> Inbound)... unless you have this already. Policy Elements->
>>>>>> Protocol Definitions-> New
>>>>>>
>>>>>> 3) Run the Server Publishing Wizard (Publishing-> right-click
>>>>>> Server Publishing Rules-> New-> Rule). Follow the Wizard
>>>>>> instructions... you will need to enter the IP address of the
>>>>>> Win2k Server, and select the protocol created on step #2 from
>>>>>> the list.
>>>>>>
>>>>>> 4) If you have a Firewall/Router in front of ISA make sure that
>>>>>> you forward TCP 7020 to the external interface of the SBS box.
>>>>>>
>>>>>> --
>>>>>> Javier [SBS MVP]
>>>>>>
>>>>>> << SBS ROCKS !!! >>
>>>>>>
>>>>>> "acon" <ezacon@hotmail.com> wrote in message
>>>>>> news:eHLeyF$PEHA.2404@TK2MSFTNGP12.phx.gbl...
>>>>>>> I have a SBS2000 network. The server has 2 network adapters. One
>>>>>>> for intranet an one for Internet, with a public static address.
>>>>>>> Isa server is installed.
>>>>>>> Now i need to map tcp port 7020 to a client workstation in the
>>>>>>> lan from the public address.
>>>>>>> The client is DHCP, but i can make a reservation to get always
>>>>>>> same private ip.
>>>>>>> Im not sure how to make this in ISA. Can anyone help me?


Top

Re: Acces to a TCP port to a WS by acon

acon
Sun May 23 06:58:12 CDT 2004

Thanks Chad. Great article about basics of ISA.
I whas a litle bit confused abour IPfilters and server publication.
I think my apllication will work now. I check it tomorrow at office.

"Chad A. Gross [SBS MVP]" <chad.gross@laytonflower.nospam.com> escribió en
el mensaje news:uqeolyCQEHA.3596@tk2msftngp13.phx.gbl...
> Hi acon -
>
> You shouldn't need to create any packet filters. Packet filters apply to
> the ISA server itself, where protocol rules apply to clients.
>
> For an intro to ISA, check out
> http://www.smallbizserver.net/DesktopDefault.aspx?tabid=91
>
> --
>
> Chad A. Gross - SBS MVP
> SBS ROCKS!
>
> www.msmvps.com/cgross
> www.gosbs.org
>
>
> acon wrote:
> > Yes you are right, the client always initiate the comunication.
> > I have created a protocol definition and a protocol rule using this
> > protocol definition to grant access outboud to a AD group, where the
> > user is included.
> > I d'ont know if i have to create packet filter to allow comunication
> > on this port.
> > I am not an isa expert, so can you explain al the needed steeps to do
> > that?
> >
> > Thanks
> >
> >
> >
> >
> > "Chad A. Gross [SBS MVP]" <chad.gross@laytonflower.nospam.com>
> > escribió en el mensaje news:ulzVZSCQEHA.3708@TK2MSFTNGP10.phx.gbl...
> >> I'd check to see if it works without a server publishing rule. ISA
> >> will allow inbound traffic for a client over any given port assuming
> >> that:
> >>
> >> 1) the client initiated the request (outbound traffic)
> >> 2) there is a protocol rule in place allowing the outbound traffic
> >>
> >> You should only need to set up a server publishing rule if you need
> >> to accept traffic from unsolicited internet requests. (E.g. - the
> >> bank can connect to your workstation whenever they want from their
> >> location, without anyone needing to be at the workstation)
> >>
> >> 99% of the time, client applications like this only need outbound
> >> access through ISA to work. In some situations, you may need to
> >> enable secondary connections to allow the host server to connect via
> >> a different port after the initial connection is made, but the way
> >> secondary connections work, you can still prevent from throwing
> >> those ports up wide open . . .
> >>
> >> --
> >>
> >> Chad A. Gross - SBS MVP
> >> SBS ROCKS!
> >>
> >> www.msmvps.com/cgross
> >> www.gosbs.org
> >>
> >>
> >> acon wrote:
> >>> Yes it's strange, but tech people at bank said they need both in and
> >>> outboud access to this port...
> >>>
> >>>
> >>> "Javier Gomez [SBS MVP]" <javier_gomez@remove.this.engineer.com>
> >>> escribió en el mensaje news:uJsqmyBQEHA.1160@TK2MSFTNGP09.phx.gbl...
> >>>> Inbound? That sounds kind of stange.
> >>>>
> >>>> If it doesn't work.. I would double check that first.
> >>>>
> >>>> --
> >>>> Javier [SBS MVP]
> >>>>
> >>>> << SBS ROCKS !!! >>
> >>>>
> >>>> "acon" <ezacon@hotmail.com> wrote in message
> >>>> news:uNaA1UBQEHA.3596@tk2msftngp13.phx.gbl...
> >>>>> This port is used by a banking application.
> >>>>>
> >>>>> Thanks i whill try this inmediately
> >>>>>
> >>>>> "Javier Gomez [SBS MVP]" <javier_gomez@remove.this.engineer.com>
> >>>>> escribió en el mensaje
> >>>>> news:%23cdeVfAQEHA.3732@TK2MSFTNGP11.phx.gbl...
> >>>>>> Open the ISA console and run the server publishing wizard... it
> >>>>>> will take you over doing it (do the reservation first). Can I ask
> >>>>>> why you need to publish 7020?
> >>>>>>
> >>>>>> 1) First open the ISA console (Start->Programs->MS ISA Server->
> >>>>>> ISA Management->Servers and Arrays-> %servername%).
> >>>>>>
> >>>>>> 2) Create a new protocol definition for Whatever (using TCP 7020
> >>>>>> Inbound)... unless you have this already. Policy Elements->
> >>>>>> Protocol Definitions-> New
> >>>>>>
> >>>>>> 3) Run the Server Publishing Wizard (Publishing-> right-click
> >>>>>> Server Publishing Rules-> New-> Rule). Follow the Wizard
> >>>>>> instructions... you will need to enter the IP address of the
> >>>>>> Win2k Server, and select the protocol created on step #2 from
> >>>>>> the list.
> >>>>>>
> >>>>>> 4) If you have a Firewall/Router in front of ISA make sure that
> >>>>>> you forward TCP 7020 to the external interface of the SBS box.
> >>>>>>
> >>>>>> --
> >>>>>> Javier [SBS MVP]
> >>>>>>
> >>>>>> << SBS ROCKS !!! >>
> >>>>>>
> >>>>>> "acon" <ezacon@hotmail.com> wrote in message
> >>>>>> news:eHLeyF$PEHA.2404@TK2MSFTNGP12.phx.gbl...
> >>>>>>> I have a SBS2000 network. The server has 2 network adapters. One
> >>>>>>> for intranet an one for Internet, with a public static address.
> >>>>>>> Isa server is installed.
> >>>>>>> Now i need to map tcp port 7020 to a client workstation in the
> >>>>>>> lan from the public address.
> >>>>>>> The client is DHCP, but i can make a reservation to get always
> >>>>>>> same private ip.
> >>>>>>> Im not sure how to make this in ISA. Can anyone help me?
>
>


Top