isa 2006 block external ip address

I need to be able to block an external ip address from accessing anything on Isa.  It is currently trying to authenticate via active-sync causing that user account to be locked out.  I added an access rule, set the "from" to that external ip address, set the "to" to "localhost".  Applied it to "all users".  I tried setting the "to" to the "external", but that didn't work.  The only thing that appeared to be working was when I set the "to" to "localhost".  I did notice I was still able to get to the Isa form to try and login, but I was not able to login to Owa during my testing. I thought it was working, but apparently not.

We are still getting lockouts from that say external ip address, so apparently the rule is not working.

Is there any easy way to completely block the external ip address i

June 25th, 2013 10:26pm

Hi,

Thank you for the post.

You may create a rule denying access to a computer set that includes the source IP addresses.

Regards,

Free Windows Admin Tool Kit Click here and download it now
June 27th, 2013 5:22am

Create a copy of your active sync publishing rule. Edit the rule. change allow to deny. In the from tab remove the anywhere group and the source ip that has to be blocked. Place this rule above your ALLOW activesync rule.

Beware that your ISA box still processes traffic originating from that IP. So the ISA box will still consume recources. If you want to avoid this you probably need a device before your isa box  that kills that traffic.

regards

richard

June 27th, 2013 10:13am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics