Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

How MS ISA server works behind PIX ??

Dear All,

Can we filter Application level traffic coming from ISA server ,going to Internet through PIX firewall ??

Layer 3/4 traffic can be controlled using Access-list. Is there any other way to control HTTP tunneling through PIX ???

Thanx

2 REPLIES
Silver

Re: How MS ISA server works behind PIX ??

You can block all http traffic through the pix, except from the ISA server. Then figure out how to force all your internal machines to use the ISA server. That should do it.

Gold

Re: How MS ISA server works behind PIX ??

Hi Haleem,

Firstly, I was trying to reply to your mail to me about blocking messenger service BUT it seems that your mail server is DOWN, anyway if you are filtering www access by using ISA server, then you will require the following on your pix:

Using ACL (Named in this case) you would do the following:

>access-list inside permit tcp host XXXX any eq www

>access-list inside deny tcp any any eq www

>access-list inside permit ip any any

..now configure the ACL to the inside interface with a access-group statement i.e.

>access-group inside in interface inside

(NOTE. ON THE FIRST ACL ABOVE XXXX IS YOUR ISA IP ADDRESS)

Also, after you have configured the ACL's make sure you do a wr m (write to memory)

Hope this helps -

118
Views
0
Helpful
2
Replies
CreatePlease to create content