SuperGumby
Thu Jan 20 15:53:52 CST 2005
you can also change ISA to accept 'basic authentication' and set DU to use
proxy settings.
"Javier Gomez [SBS MVP]" <javier_gomez@REMOVE.THIS.engineer.com> wrote in
message news:%23cQNCTy$EHA.3368@TK2MSFTNGP15.phx.gbl...
>> "Then, make sure that no firewall application (like ZoneAlarm) is
>> blocking TCP connection on port 40019 (default port)."
>>
>> I opened this port in the router's setup. (strange, I forgot to open the
>> port in my home router, but it still worked).
>
> You probably didn't have to do that... most likely 40019 needs to be open
> in the outbound. Most routers don't control outbound traffic.
>
>> I'm not sure if I have to do anything in ISA.
>
> Yes, you most likely need to create that packet filter (and if you are
> using web based IP detection, which is a must behind a NAT router, then
> you need port 80 outbound as well).
>
>> For other program (Mozilla), I already created entries to allow IP
>> traffic. I don't fully understand ISA and get confused between "Access
>> Policy" entries for "IP Packet Fileters" and "Protocol Rules". Do I need
>> to do anything for
>
> I assume you are installing DU on the server... so a Packet Filter is what
> you need (Protocol Rules affect the clients, not the server). Follow the
> directions in this site (under "Packet Filtering for Services and App's on
> the ISA Server"):
>
http://www.isaserver.org/tutorials/How_to_use_ISA_Server_Packet_Filters.html
>
> Call it DirectUpdate, select TCP as protocol, direction = outbound, local
> port = dynamic, remote port = fixed : 40019.
>
> If you still have trouble. Just post back.
>
> Cheers,
>
> --
> Javier [SBS MVP]
> www.msmvps.com/javier
> << SBS ROCKS!!! >>
>