AW: Firewall problemFrom: Holger Reichert (firstname.lastname@example.org)
- Previous message: Enquiries: "RE: Is this as bad as it seems?"
- In reply to: Vasiliy Boulytchev: "Re: Firewall problem"
- Next in thread: yash: "Re: Firewall problem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Holger Reichert" <email@example.com> To: <firstname.lastname@example.org> Date: Wed, 31 Jul 2002 10:24:48 +0200
I myself cannot answere you your question yet, but there is plenty of
It's an independent page dedicated to help administrators of an ISA-Server.
They also have a mailing list, which is very helpfull.
Von: Vasiliy Boulytchev [mailto:email@example.com]
Gesendet: Montag, 29. Juli 2002 22:05
Betreff: Re: Firewall problem
Forget Microsoft's suggestions about staying secure. Scratch the costs
of MS ISA server, or whatever they call that junk these days, and install
Mandrake, Suse, Red Hat :( , anything but winblows. I know FreeBSD/OpenBSD
blows tux out of the water, but you should start at something simpler.
Colorado Information Technologies Inc.
----- Original Message -----
From: "Ash" <firstname.lastname@example.org>
To: "Chris Berry" <email@example.com>
Sent: Tuesday, July 23, 2002 8:32 PM
Subject: Re: Firewall problem
> More information would be great. A short sollution would be to use
> OpenBSD pf. It not only has a good amount of documentation but is also
> on of the most veritile firewall solutions arround.
> Please give some more information on the configuration (like the rules
> Darkfire Secure Linux -- http://www.gnulinux.net
> On Tue, 2002-07-23 at 12:11, Chris Berry wrote:
> > We're using MS ISA server as our firewall. In accordance with their
> > best practices recommendation I've put it on a dual-homed machine and
> > up only the external interface with a default gateway. Our internet
> > connection is working well, and as far as I can tell reasonably secure.
> > However we can't connect telnet traffic, nor can I ping internet sites,
> > even though I have rules configured that should allow this.
> > Previously all of this worked but people without a proxy client
> > still connect to the internet which we didn't want. I might be able to
> > reconfigure the routing tables to allow that kind of traffic but I'm not
> > sure thats the right solution. My terminal emulator program doesn't
> > natively support proxies. We're on a very limited budget so any
> > I find probably has to be free. Does anyone have any suggestions or do
> > you need more information?