We are running SBS 2003 with ISA 2004. Since the upgrade we now have really
slow RIS installations. Has anyone come across this, and what rules need to
be put in to allow access to RIS through ISA internally?
Many thanks in advance
Simon Gurner
Hi Simon,
Thank you for posting in SBS newsgroup.
From the description, I understand that the internal RIS clients
experienced slow connection to the RIS server through ISA 2004. If I have
misunderstood your concerns, please do not hesitate to let me know.
Based on my research, similar issues were related to the TFTP traffic.
Different from ISA server 2000, ISA server 2004 treats each network
separately. The restrictions are implemented on each interface of the ISA
server. There is no definite 'Internal' network concept. The traffic from
the ISA server local to the internal network is also controlled by the
firewall policies.
For the current issue, the issue is probably caused because ISA blocks some
UDP packages of TFTP traffic. Here, I suggest you try the following steps
to see if the problem can be resolved:
1. Create a protocol definition for UDP port 1024-65000. Open ISA
management console, navigate to 'Server Name'\'Firewall Policy'. In the
right panel, click 'Toolbox' tab. Click 'New'->'Protocol'. In the wizard,
input the name such as 'RIS'->Click 'New' button. Select 'UDP', 'Send
Receive'. Define the port range from 1024-65000. Click
'Next'->'Next'->Click 'Finish' button.
2. Right-click 'Firewall Policy'->'New'->'Access Policy'. In the wizard,
input the name such as 'Rule for RIS'->Select 'Allow'->Select 'Selected
protocols'. Click 'Add' button. Find the newly created protocol definition.
Add it into the list. Click 'Add' button to add both 'Local Host' network
and 'Lab' network objects into the source list.->Click 'Add' button to add
both 'Local Host' network and 'Lab' network objects into the destinations
list.->Click 'Next'->Click 'Finish' button to complete the configuration.
3. Click 'Apply' button to apply the settings. Navigate to 'Monitoring'
snap-in. Restart the ISA firewall service in 'Services' tab.
I hope the above information helps. If you have any questions or concerns,
please feel free to let me know.
Best regards,
Crina Li (MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security

Signature
=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| From: "Simon Gurner" <simongurner@sunrisetechnologies.co.uk>
| Subject: RIS on SBS 2003 + ISA 2004
[quoted text clipped - 8 lines]
|
| Simon Gurner
For anyone that is interested, I've managed to get this working now (with
thanks to Crina Li at Microsoft for pointing me in the right direction...)
RIS uses TFTP, but the rule in ISA for TFTP is only a single direction.
Here's what I did....
1) Create a protocol definition, called "RIS". Allow "UDP" port 69 to
"Send/Receive", then "apply" the rule.
2) Create a new access policy as follows:
Name: RIS
Allow Rule
Selected Protocols: (user Defined) RIS
Source: Internal Network, local host
Destination: Internal Network, local host
3) Restart the firewall Service.
After this RIS starts and responds as before on ISA 2000.
Regards,
Simon Gurner.
> We are running SBS 2003 with ISA 2004. Since the upgrade we now have
> really slow RIS installations. Has anyone come across this, and what
[quoted text clipped - 3 lines]
>
> Simon Gurner
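An added example, not part of any post in this thread: a Python sketch that decodes a constructed TFTP exchange (RFC 1350) and reports which of the two UDP port ranges mentioned above, port 69 and 1024-65000, each packet's destination port falls in. Per RFC 1350 only the initial request is addressed to port 69, after which each side uses a port of its own choosing; the addresses, ports and file name below are constructed sample values.

```python
import struct

OPCODES = {1: "RRQ", 2: "WRQ", 3: "DATA", 4: "ACK", 5: "ERROR"}
# Port ranges of the two protocol definitions discussed in this thread.
DEFINITIONS = {"UDP 69": (69, 69), "UDP 1024-65000": (1024, 65000)}

def parse_tftp(payload):
    """Decode a TFTP payload (RFC 1350) into (opcode name, detail)."""
    if len(payload) < 4:
        raise ValueError("short TFTP packet")
    (op,) = struct.unpack("!H", payload[:2])
    name = OPCODES.get(op)
    if name is None:
        raise ValueError(f"unknown opcode {op}")
    if name in ("RRQ", "WRQ"):
        parts = payload[2:].split(b"\x00")
        if len(parts) < 3:  # expected layout: filename NUL mode NUL
            raise ValueError("malformed request")
        return name, f"{parts[0].decode()} ({parts[1].decode()})"
    (num,) = struct.unpack("!H", payload[2:4])
    return name, (f"code {num}" if name == "ERROR" else f"block {num}")

def matching_definitions(port):
    """Names of the protocol definitions whose range contains this port."""
    return [n for n, (lo, hi) in DEFINITIONS.items() if lo <= port <= hi]

def classify(trace):
    """Return (flow, decoded packet, definitions matching dst port) per packet."""
    rows = []
    for src, sport, dst, dport, payload in trace:
        name, detail = parse_tftp(payload)
        rows.append((f"{src}:{sport} -> {dst}:{dport}", f"{name} {detail}",
                     matching_definitions(dport)))
    return rows

# Constructed sample trace: one read request and the first DATA/ACK pair.
CLIENT, SERVER = "192.168.16.50", "192.168.16.2"
TRACE = [
    (CLIENT, 2070, SERVER, 69, b"\x00\x01OSChooser\\i386\\startrom.com\x00octet\x00"),
    (SERVER, 3012, CLIENT, 2070, b"\x00\x03\x00\x01" + b"\x00" * 512),
    (CLIENT, 2070, SERVER, 3012, b"\x00\x04\x00\x01"),
]

if __name__ == "__main__":
    for flow, what, defs in classify(TRACE):
        print(f"{flow:42} {what:45} {defs}")
```

Running the same classification over ports taken from the ISA firewall log shows which protocol definition a dropped packet would have needed.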
Crina Li (MSFT) - 15 Aug 2005 02:27 GMT
Hi Simon,
Thanks for your reply.
I am glad to hear the problem is resolved.
It is my pleasure to work with you in this post. If you encounter any
difficulties in the future, please submit the post to the newsgroup. We
are glad to be of assistance.
Again, thank you for using Microsoft newsgroup. Have a nice day. :)
Best regards,
Crina Li (MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
