Enabling the firewall client listener, Creating an internet access rule, 16 creating an internet access rule – HP ProLiant DL320 G4 Server User Manual
Page 16
Setting up the server 16
and read by network analyzers because they are not encrypted. However, all browsers support
basic authentication.
12.
In the Authentication dialog box, click OK.
13.
In the Internal Properties dialog box, click Apply>OK.
14.
Click Apply at the top of the details pane to save the changes and update the firewall policy.
Enabling the firewall client listener
The firewall client is an optional client-side software component that can be installed to enhance the level
of security and accessibility for those host systems. The firewall client software can be installed on all 32-
bit Microsoft
®
Windows
®
operating systems. The firewall client software provides the following benefits:
•
User credentials are transparently sent to the ProLiant DL320 Security Server, which enables user-
level authentication for access control.
•
All Winsock applications are supported, including those requiring complex protocols (such as FTP,
games, and voice or video applications).
•
The firewall client computer is independent of the default gateway configuration because it forwards
Internet connection requests directly to the internal IP address of the server.
The firewall client software is optional. However, enabling the firewall client listener allows the ProLiant
DL320 Security Server to accept incoming connection requests from firewall clients.
To enable the firewall client listener on the server:
1.
In the scope pane of the ISA Server console, expand the server name, expand the Configuration
node, and click the Networks node.
2.
In the details pane, click the Networks tab.
3.
In the list of networks, right-click the internal network, and click Properties.
4.
In the Internal Properties dialog box, click the Firewall Client tab.
5.
On the Firewall Client tab, select the Enable Firewall client support for this network
checkbox. Do not change the ISA Server name or IP address default settings. Change this setting
later, depending on whether a DNS server is on the LAN.
6.
Click Apply, and then click OK in the Internal Properties dialog box.
7.
Click Apply at the top of the details pane to save the changes and update the firewall policy.
Creating an Internet access rule
After installing the ProLiant DL320 Security Server, all traffic from internal network clients to the Internet is
blocked. This default configuration provides a high level of security and prevents both internal and
external users from accessing content through the server.
Connect to the Internet through the ProLiant DL320 Security Server immediately after it is installed. The
simplest client configuration is the Secure NAT client. To connect internal network clients to the Internet as
quickly as possible but still remain secure from external threats, confirm the following:
•
The default gateway setting on the LAN computers is set to the IP address of the internal interface of
the ProLiant DL320 Security Server.
•
The LAN computers are configured with a DNS server address that can resolve Internet host names.
If there is not a DNS server on your LAN capable of resolving Internet host names, configure the LAN
computers to use the IP address of your ISP DNS server. For more details, see the DNS server (on
page
•
A firewall rule exists, allowing access to the required Internet protocols.