Opening particular TCP Port

TheMSsForum.com: The Microsoft Software Forum

How can I open a particluar tcp/ip port in SBS2000? The SBS2000 machine is
running Exchange 2000 and ISA2000 and the ISA firewall is enabled. The
machine has two NIC one for internal and one for external.

I have already followed these steps listed:

1. Open SBS Admin Console
2. Expand ISA Server (Server & Arrays - Server Machine - Access Policy)
3. Right click on the IP Packet Filters and then New - Filter
4. I go through wizard to finish it.

Even after that I still cant get my application to work. Any ideas? Thanks.
Top

Re: Opening particular TCP Port by Steve

Steve
Fri Sep 19 06:19:06 CDT 2003

Kashif wrote:

> How can I open a particluar tcp/ip port in SBS2000? The SBS2000
> machine is running Exchange 2000 and ISA2000 and the ISA firewall is
> enabled. The machine has two NIC one for internal and one for
> external.
>
> I have already followed these steps listed:
>
> 1. Open SBS Admin Console
> 2. Expand ISA Server (Server & Arrays - Server Machine - Access
> Policy) 3. Right click on the IP Packet Filters and then New - Filter
> 4. I go through wizard to finish it.
>
> Even after that I still cant get my application to work. Any ideas?
> Thanks.

Packet Filters apply to the server itself. You need Protocol
Definitions and Protocol Rules to define what applications on
workstations can do.

A Protocol Definition outlines what port will be opened, and if any
secondary connections are made (eg FTP starts on port 21, but then also
uses port 20 and others).

A Protocol Rule then takes that Protocol Definition and sets out what
can be done with it, by whom and when.

--
Steve Foster [SBS MVP]
---------------------------------------
MVPs do not work for Microsoft. Please reply only to the newsgroups.
Top

Re: Opening particular TCP Port by Grey

Grey
Fri Sep 19 06:21:15 CDT 2003

to test your filter use telnet to that port on the "other" server.

Sometimes seems like it takes a reboot for the filter to kick in/allow

--
Grey
SBS ROCKS MVP


www.smallbizserver.com


"Kashif" <kashif@no-spam.justfone.com> wrote in message
news:OC0X7HpfDHA.2236@TK2MSFTNGP12.phx.gbl...
> How can I open a particluar tcp/ip port in SBS2000? The SBS2000 machine is
> running Exchange 2000 and ISA2000 and the ISA firewall is enabled. The
> machine has two NIC one for internal and one for external.
>
> I have already followed these steps listed:
>
> 1. Open SBS Admin Console
> 2. Expand ISA Server (Server & Arrays - Server Machine - Access Policy)
> 3. Right click on the IP Packet Filters and then New - Filter
> 4. I go through wizard to finish it.
>
> Even after that I still cant get my application to work. Any ideas?
Thanks.
>
>


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.518 / Virus Database: 316 - Release Date: 9/11/2003


Top

Re: Opening particular TCP Port by Kashif

Kashif
Fri Sep 19 08:10:31 CDT 2003

Thanks for your help guys.

After doing the following basic tests I think the ISA firewall is not
working properly:

1. My application works on the SBS2000 client machine but doesnt work at all
in SBS2000 server machine.
2. If I disable Firewall Client in SBS2000 client machine, this machine can
still browse the Internet. (which it shouldn't)
3. In SBS2000 client machine, Send File function in MSN Messenger works fine
even though the filter in the server machine is disabled.
http://www.smallbizserver.net

Am I missing something here? I would be very grateful if someone could let
me know how to properly test client firewall. Thanks.


"Kashif" <kashif@no-spam.justfone.com> wrote in message
news:OC0X7HpfDHA.2236@TK2MSFTNGP12.phx.gbl...
> How can I open a particluar tcp/ip port in SBS2000? The SBS2000 machine is
> running Exchange 2000 and ISA2000 and the ISA firewall is enabled. The
> machine has two NIC one for internal and one for external.
>
> I have already followed these steps listed:
>
> 1. Open SBS Admin Console
> 2. Expand ISA Server (Server & Arrays - Server Machine - Access Policy)
> 3. Right click on the IP Packet Filters and then New - Filter
> 4. I go through wizard to finish it.
>
> Even after that I still cant get my application to work. Any ideas?
Thanks.
>
>


Top

Re: Opening particular TCP Port by Kashif

Kashif
Fri Sep 19 08:14:44 CDT 2003

Thanks, Steve. If what you are saying is correct then why my application
works just fine in the client machine as compare to server machine.

Note: My application actually establishes a connection with a remote
database outside our domain.


"Steve Foster [SBS MVP]" <steve.foster@picamar.co.uk> wrote in message
news:eo35X$pfDHA.2172@TK2MSFTNGP09.phx.gbl...
> Kashif wrote:
>
> > How can I open a particluar tcp/ip port in SBS2000? The SBS2000
> > machine is running Exchange 2000 and ISA2000 and the ISA firewall is
> > enabled. The machine has two NIC one for internal and one for
> > external.
> >
> > I have already followed these steps listed:
> >
> > 1. Open SBS Admin Console
> > 2. Expand ISA Server (Server & Arrays - Server Machine - Access
> > Policy) 3. Right click on the IP Packet Filters and then New - Filter
> > 4. I go through wizard to finish it.
> >
> > Even after that I still cant get my application to work. Any ideas?
> > Thanks.
>
> Packet Filters apply to the server itself. You need Protocol
> Definitions and Protocol Rules to define what applications on
> workstations can do.
>
> A Protocol Definition outlines what port will be opened, and if any
> secondary connections are made (eg FTP starts on port 21, but then also
> uses port 20 and others).
>
> A Protocol Rule then takes that Protocol Definition and sets out what
> can be done with it, by whom and when.
>
> --
> Steve Foster [SBS MVP]
> ---------------------------------------
> MVPs do not work for Microsoft. Please reply only to the newsgroups.


Top

Re: Opening particular TCP Port by Steve

Steve
Fri Sep 19 12:58:13 CDT 2003

Kashif wrote:

> Thanks, Steve. If what you are saying is correct then why my
> application works just fine in the client machine as compare to
> server machine.
>
> Note: My application actually establishes a connection with a remote
> database outside our domain.
>

If the ISA Firewall Client is installed on a workstation, it can be
automatic.

So the question is what exactly is the problem? If the workstations
connect fine, what more do you need? I can't see an obvious reason for
running this application on the server.

--
Steve Foster [SBS MVP]
---------------------------------------
MVPs do not work for Microsoft. Please reply only to the newsgroups.
Top

Re: Opening particular TCP Port by Steve

Steve
Fri Sep 19 12:59:45 CDT 2003

Kashif wrote:

> Thanks for your help guys.
>
> After doing the following basic tests I think the ISA firewall is not
> working properly:
>
> 1. My application works on the SBS2000 client machine but doesnt work
> at all in SBS2000 server machine.

Why would you be running a client application on the server? It belongs
on the workstations, surely.

> 2. If I disable Firewall Client in SBS2000 client machine, this
> machine can still browse the Internet. (which it shouldn't)

Not so. If IE is configured to use the SBS as a proxy (the default),
then it will be able to browse the web even when the Firewall Client is
either not installed or disabled.

--
Steve Foster [SBS MVP]
---------------------------------------
MVPs do not work for Microsoft. Please reply only to the newsgroups.
Top