Hi, I found ISA a best solution for LAN security. As you can only implement packet filter rules on DMZ so I will not suggest it for DMZ. I never face any problem as you have mentioned. You might miss something in rule base. Please check it out as per recommendations, give your rule base details and Revert.
Cheers! Balwant -----Original Message----- From: Chris Berry [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 23, 2002 10:42 PM To: [EMAIL PROTECTED] Subject: Firewall problem We're using MS ISA server as our firewall. In accordance with their best practices recommendation I've put it on a dual-homed machine and set up only the external interface with a default gateway. Our internet connection is working well, and as far as I can tell reasonably secure. However we can't connect telnet traffic, nor can I ping internet sites, even though I have rules configured that should allow this. Previously all of this worked but people without a proxy client could still connect to the internet which we didn't want. I might be able to reconfigure the routing tables to allow that kind of traffic but I'm not sure thats the right solution. My terminal emulator program doesn't natively support proxies. We're on a very limited budget so any solution I find probably has to be free. Does anyone have any suggestions or do you need more information?
