Blog du Tristank

So terrific that 3 of 4 readers rated it "soporific"

ISA 2004: Protocol Definitions can now have multiple primary ports

Just a quickie: as I’ve mentioned in passing a couple of times, in ISA 2004 a Protocol Definition can have multiple primary ports – including ranges of primary ports – associated with it.

ISA 2000 was only able to use a single primary port per protocol definition, which quickly gets awkward when your ISP runs (say) their Enemy Territory servers on UDP 27961-27968, and you need to create an individual protocol definition per server to allow your SecureNAT clients to connect to them.

With 2004, you can create a single protocol definition spanning a range of ports, so you can simplify the ruleset for a routed or SecureNAT client while retaining basic control over the allowed protocols. It can also be useful for Server Publishing, if your application uses a range of inbound connection ports.

Of course, if you don’t want that much control, there’s the All IP Traffic option too…