ISA Server 2004 & "Unidentified IP Traffic" o "Trafico IP sin identificar"
TechRepublic Blog: Get Rid of "Unidentified IP Traffic" in your Logs: "Get Rid of 'Unidentified IP Traffic' in your Logs
Tags: None
Do you get irritated by seeing entries for Unidentified IP Traffic in your log files and reports? Me too.
Its easy to reduce the amount of traffic seen by the ISA firewall as unidentified. All you need to do is create Protocol Definitions for the protocols that aren't included in the default list of Protocol Definitions.
For example, create a Protocol Definition for TCP Outbound 8080 and name it Web Proxy Client. Now all the traffic from the Web Proxy client to the Web Proxy filter on the ISA firewall will be seen as Web Proxy Client traffic. Create another Protocol Definition for TCP Outbound 1745 and name it Firewall Client Control. Now all the Firewall Client Control Protocol traffic will appear as Firewall Client Control.
Do the same thing for other common protocols that you identify in the ISA firewall's log files. Now you'll see a lot less Unidentified IP Traffic in your logs.
HTH,
Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004"
Tags: None
Do you get irritated by seeing entries for Unidentified IP Traffic in your log files and reports? Me too.
Its easy to reduce the amount of traffic seen by the ISA firewall as unidentified. All you need to do is create Protocol Definitions for the protocols that aren't included in the default list of Protocol Definitions.
For example, create a Protocol Definition for TCP Outbound 8080 and name it Web Proxy Client. Now all the traffic from the Web Proxy client to the Web Proxy filter on the ISA firewall will be seen as Web Proxy Client traffic. Create another Protocol Definition for TCP Outbound 1745 and name it Firewall Client Control. Now all the Firewall Client Control Protocol traffic will appear as Firewall Client Control.
Do the same thing for other common protocols that you identify in the ISA firewall's log files. Now you'll see a lot less Unidentified IP Traffic in your logs.
HTH,
Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004"
Comentarios
Thanks for sharing the link - but unfortunately it seems to be down? Does anybody here at japerna.blogspot.com have a mirror or another source?
Thanks,
Charlie