access rule for Argent remote monitoring of ISA server 2006

All Replies

• Monday, October 19, 2009 1:38 PMJim Harrison IsaDewd

   
  

  0

  Sign In to Vote
  What exactly does the denied log include?
  An access rule allowing TP:3190 from the Argent server Ip to "localhost" should work assuming you have an Argent agent installed on the ISA.
  Accrdong to http://help.argent.com/ARTICLES/Q023.php?s=i, "Argent" uses a lot of ports, depending on the configuration you use and the monitoring you enable.

  ---

  Jim Harrison Forefront Edge CS

  • Proposed As Answer byJim Harrison IsaDewd Monday, October 19, 2009 1:38 PM
  •  
  • Reply
  • Quote

   
• Tuesday, October 20, 2009 6:43 AMWai Yip

   
  

  0

  Sign In to Vote
  We used Argent Guardian Monitoring Engine therefore 3190 is correct. The ISA log is not useful at all. It only state denied connection from internal (IP address) to localhost (IP address) on port 3190. No reason stated. I can't find where's not right. I created a user defined protocol with TCP 3190 outbound and created a network object argent server with the IP address.
  
  I have 2 more ISA servers did successfully configured to enable argent traffic but this one which has 2 NIC (multihomed) cannot work. The former pair working one is a single NIC deployment. It may be something to do with the different deployment method. I wonder where could have gone wrong.
  
  • Reply
  • Quote

   
• Monday, November 02, 2009 4:30 PMJim Harrison IsaDewd

   
  

  0

  Sign In to Vote
  That cutom protocol should be defined as:
  Name = Argent Agent
  Primary Connection:
  Protocol = TCP
  Port Range = 3190 - 3190
  Direction = Outbound
  
  does that agree with what you've created?

  ---

  Jim Harrison Forefront Edge CS
  • Reply
  • Quote

   
• Tuesday, November 03, 2009 5:10 AMWai Yip

   
  

  0

  Sign In to Vote
  Yes that is exactly what I did. It is able to identified TCP 3190 Argent protocol in the access denied log.
  • Reply
  • Quote