How do I allow on ISA2000

Hi All

I have blocked http to users & now I want to only allow access to say 20
website?.

Can this be done & if so how?

Running SBS2k3 2 x nic ISA2000 sp2 .


Simon

Marina
Tue Oct 19 06:37:52 CDT 2004

Hi Simon,

Start here:

Smallbizserver.Net > SBS 2000 > ISA Server 2000 > ISA for Dummies:
http://www.smallbizserver.net/Default.aspx?tabid=91

--
Regards,

Marina
Microsoft SBS-MVP

"Simon" <no_spam@evelouise.com> schreef in bericht
news:4174f572$0$47997$ed2e19e4@ptn-nntp-reader04.plus.net...
> Hi All
>
> I have blocked http to users & now I want to only allow access to say 20
> website?.
>
> Can this be done & if so how?
>
> Running SBS2k3 2 x nic ISA2000 sp2 .
>
>
> Simon
>
>

Fred
Tue Oct 19 06:53:59 CDT 2004


Do you mean allow protocol TCP 20 FTP? Or allow access to a certain
website/IP range?

Allow a protocol can be done in ISA with Access policy/IP packet filter.
Create an allow filter for TCP port 20. Make sure you know what you're
doing! so don't allow all destinations and inbound as port 20 is a serious
security breach. You can create destination sets under policy elements to
make sure it is only allowed for a specified IP range.

To create an allowed destination use your destination set in Access
Policy/Site and content rules.

Fred








"Simon" <no_spam@evelouise.com> wrote in message
news:4174f572$0$47997$ed2e19e4@ptn-nntp-reader04.plus.net...
> Hi All
>
> I have blocked http to users & now I want to only allow access to say 20
> website?.
>
> Can this be done & if so how?
>
> Running SBS2k3 2 x nic ISA2000 sp2 .
>
>
> Simon
>
>

Simon
Tue Oct 19 08:27:55 CDT 2004

Thanks Fred

this is not for FTP only http://www


The customer has 50 users in 3 groups.

Users need access to only 4 www sites & the rest of the web needs to be
blocked?.

Admin need access to about 25 www sites & the rest of the web needs to be
blocked?.

Administrators have full access" this is fine "

Simon




"Fred Blum" <h.f.blum@marketconnectnospam.nl> wrote in message
news:eV2TXJdtEHA.2800@TK2MSFTNGP10.phx.gbl...
>
> Do you mean allow protocol TCP 20 FTP? Or allow access to a certain
> website/IP range?
>
> Allow a protocol can be done in ISA with Access policy/IP packet filter.
> Create an allow filter for TCP port 20. Make sure you know what you're
> doing! so don't allow all destinations and inbound as port 20 is a serious
> security breach. You can create destination sets under policy elements to
> make sure it is only allowed for a specified IP range.
>
> To create an allowed destination use your destination set in Access
> Policy/Site and content rules.
>
> Fred
>
>
>
>
>
>
>
>
> "Simon" <no_spam@evelouise.com> wrote in message
> news:4174f572$0$47997$ed2e19e4@ptn-nntp-reader04.plus.net...
> > Hi All
> >
> > I have blocked http to users & now I want to only allow access to say 20
> > website?.
> >
> > Can this be done & if so how?
> >
> > Running SBS2k3 2 x nic ISA2000 sp2 .
> >
> >
> > Simon
> >
> >
>
>

Michael
Wed Oct 20 05:31:55 CDT 2004

Hello,

There is heaps of info on the internet about making client address sets
and destination sets in ISA 2000.

You basically make a destination set and then let a client address set
or user group access to only those addresses you allow.

As Marina Suggested, Smallbizserver.Net is a great resource to start
with !

Good luck

Simon wrote:

> Hi All
>
> I have blocked http to users & now I want to only allow access to say 20
> website?.
>
> Can this be done & if so how?
>
> Running SBS2k3 2 x nic ISA2000 sp2 .
>
>
> Simon
>
>

--
Michael J. Jenkin MVP - SBS, Senior Systems Engineer
Visit http://www.mickyj.com

Microsoft Most Valued Professional, Microsoft's Windows Server Systems -
Small Business Server
MVP's do not work for Microsoft. If this email was generated in a
newsgroup, please reply only to the newsgroup.
Note: The contents of my postings and responses here represent my
personal opinions and do not necessarily reflect the views, thoughts or
feelings of Microsoft or any of its employees.
http://mvp.support.microsoft.com