Forum
Bildirimler
Hepsini Temizle
Fortinet
5
Yazılar
2
Üyeler
0
Reactions
621
Görüntüleme
Konu başlatıcı
Merhaba
Şirket ağındaki makinalar ftp sunucularına bağlanamıyorlar.
2 Adet güvenlik duvarı aktif durumdadır.
Önde Utm Checkpoint, Arkasında Isa firewall 2006 mevcut.
Isa üzerideki rule tanımlamamda ftp ye izin verdim. Read only seçeneğinide kaldırdım.
Ancak utm üzerinde ftp ye erişkin hiç bir ayar yapmadım. Utm üzerinde ftp ye ilişkin bir ayar yapmam gerekiyormu?
Gerekiyorsa nasıl bir kural oluşturmalıyım..
Gönderildi : 09/07/2008 15:25
Merhaba;
UTM üzerindeki kurallar nasıl bilmek lazım ?
UTM e gelen bütün istekler ISA danmı gelir ? Eğer böle ise ısa dan any ye ftp servisleri için accept dersen sorun düzelmeli.
İyi çalışmalar.
Gönderildi : 09/07/2008 20:03
Konu başlatıcı
İstekler proxy den geliyor. Söylemiş olduğunuz kuralı yaptım. Ancak çözüm olmadı. Browser'da adresi yazınca şöyle bir hata alıyorum.
Error Code: 502 Proxy Error. The login request was denied. The logon account might have been disabled or logon information might have changed. Log on again to verify that the information was typed correctly. If the problem continues, report the problem to the administrator of the Internet server you are requesting. (12015)
Gönderildi : 10/07/2008 12:41
Users receive an "Error Code 502: Proxy error. The parameter is incorrect. (87)" error when they visit certain URLs after you configure HTTP content filtering based on signatures or on extensions in ISA Server 2004
function loadTOCNode(){}
| Article ID | : | 894483 |
| Last Review | : | December 4, 2007 |
| Revision | : | 3.7 |
var sectionFilter = "type != 'notice' && type != 'securedata' && type != 'querywords'";
var tocArrow = "/library/images/support/kbgraphics/public/en-us/downarrow.gif";
var depthLimit = 10;
var depth3Limit = 10;
var depth4Limit = 5;
var depth5Limit = 3;
var tocEntryMinimum = 1;
SYMPTOMS
loadTOCNode(1, 'symptoms');
After you configure Microsoft Internet Security and Acceleration (ISA) Server 2004 to filter HTTP content based on signatures or on extensions, users in your organization experience the following symptom.
When a user visits certain URLs, that user receives the following error message in the Web browser:
Note For more information about how to configure the ISA Server 2004 HTTP Filter component, see the "More Information" section.
When a user visits certain URLs, that user receives the following error message in the Web browser:
Error Code 502: Proxy error. The parameter is incorrect. (87)
If you remove all signatures and extensions from the HTTP Filter settings, and if you configure the HTTP Filter component to allow all signatures and extensions, you no longer experience this problem.Note For more information about how to configure the ISA Server 2004 HTTP Filter component, see the "More Information" section.
Back to the topCAUSE
loadTOCNode(1, 'cause');
This problem occurs because of a problem in the ISA Server 2004 HTTP Security Filter component. This component is named HTTPFilter.dll.
RESOLUTION
loadTOCNode(1, 'resolution');
Service pack information
loadTOCNode(2, 'resolution');
To resolve this problem, obtain the latest service pack for Internet Security and Acceleration Server 2004. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
891024 ( http://support.microsoft.com/kb/891024/) How to obtain the latest ISA Server 2004 service pack
Hotfix Information
loadTOCNode(2, 'resolution');
A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing this specific problem. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix.
If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, contact Microsoft Customer Service and Support to obtain the hotfix.
Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft Web site:
http://support.microsoft.com/contactus/?ws=support ( http://support.microsoft.com/contactus/?ws=support)
Note The "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language.Prerequisites
loadTOCNode(3, 'resolution');
If you are running ISA Server 2004, Standard Edition, you must have ISA Server 2004 Service Pack 1 installed to apply this hotfix. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
891024 ( http://support.microsoft.com/kb/891024/) How to obtain the latest ISA Server 2004 service pack
Restart requirement
loadTOCNode(3, 'resolution');
You do not have to restart your computer after you apply this hotfix.
Hotfix replacement information
loadTOCNode(3, 'resolution');
This hotfix does not replace any other hotfixes.
File information
loadTOCNode(3, 'resolution');
The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.
ISA Server 2004, Standard Edition
loadTOCNode(4, 'resolution');
Date Time Version Size File name
---------------------------------------------------------
31-Mar-2005 18:22 4.0.2163.251 120.320 HTTPFilter.dll
ISA Server 2004, Enterprise Edition
loadTOCNode(4, 'resolution');
Date Time Version Size File name
---------------------------------------------------------
03-Apr-2005 14:00 4.0.3440.251 128.792 HTTPFilter.dll
WORKAROUND
loadTOCNode(1, 'workaround');
To work around this problem, configure the options on the Signatures tab and on the Extensions tab of the HTTP Filter settings. To do this, follow these steps:
For more information about how to configure the ISA Server 2004 HTTP Filter component, see the "More Information" section.
| 1. | Remove all the signatures and extensions that are listed on these tabs. |
| 2. | Configure the HTTP Filter to allow all signatures and extensions. |
STATUS
loadTOCNode(1, 'status');
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section. This problem was first corrected in Internet Security and Acceleration Server 2004 Service Pack 2.
MORE INFORMATION
loadTOCNode(1, 'moreinformation');
To configure the ISA Server 2004 HTTP Filter component to block or to allow all signatures and extensions for HTTP traffic, follow these steps:
For more information, click the following article numbers to view the articles in the Microsoft Knowledge Base:
| 1. | Click Start, point to All Programs, point to Microsoft ISA Server, and then click ISA Server Management. | ||||
| 2. | In the left pane, expand ServerName, where ServerName is the name of the computer that is running ISA Server. Note If you are running ISA Server 2004, Enterprise Edition, expand Arrays in the left pane, and then expand ServerName. | ||||
| 3. | Click Firewall Policy. | ||||
| 4. | In the center pane, right-click the access rule that you want to configure, and then click Configure HTTP. | ||||
| 5. | In the Configure HTTP policy for rule dialog box, take one of the following actions:
| ||||
| 6. | Configure the options on the Signatures tab or on the Extensions tab to allow or to block the content that you want, and then click OK. | ||||
| 7. | Click Apply to save your changes to the firewall policy, and then click OK. |
824684 ( http://support.microsoft.com/kb/824684/) Description of the standard terminology that is used to describe Microsoft software updates
885957 ( http://support.microsoft.com/kb/885957/) How to install ISA Server hotfixes and updates
Gönderildi : 10/07/2008 13:49
Konu başlatıcı
Bu ayarlar yapılı eser.
Ayrıca utm deki engeller kalktı.(Teşekkür ederim.) Ancak isa monitörden baktığımda ftp de hata olduğunu görüyorum.
Bunun için Isa nın altında bir başlık açtım.
Gönderildi : 10/07/2008 14:23
