3

OK, so maybe not the "proper use" of network resources, but we enjoy the odd COD game during lunch hours. When we played COD4, we had a dedicated server setup at the back of the server room. With MW2, we need to be able to connect to steam to be able to play multi-player.

I've found this support article here:

https://support.steampowered.com/kb_article.php?ref=8571-GLVN-8711

Which outlines all the ports I need to open. I went through and created the following rules in ISA 2000 (I'm stuck with 2000 for now).

Protocol Definition: Steam Primary connection: Port 27000, UDP, Send Receive Secondary Connection: Port range 27001-27030 Send Receive

Protocol Definition: Steam TCP In Primary connection: 27014, TCP, Inbound Secondary Connection: Port range: 27015-27050, Inbound

Protocol Definition: Steam 4380 Primary connection: 4380, UDP, Send Receive

When I start steam on my local workstation (I did add an exception to the Vista Firewall to allow steam), the steam client sits on "Updating Steam" for 5 minutes then errors out with: You must connect to the internet first.

Any ideas? I assume I missed something.

Thanks for your help.

twlichty
  • 141
  • 3

3 Answers3

0

Is your proxy server transparent or explicitly defined on the clients?

Are your programs definitely routing through the proxy (can you see blocked traffic in ISA monitor?)

It may be the case that your apps are not hitting the proxy and are trying to jump directly through the network gateway.

Chris Thorpe
  • 9,903
  • 22
  • 32
0

Secondary protocols are only supported when using the Firewall Client - they don't work with pure IP ("SecureNAT") clients.

With ISA 2000, you'll need one protocol definition per port to support SecureNAT. Later versions treat "All outbound traffic" as including unidentified ports - ISA 2000 didn't, from memory.

TristanK
  • 8,953
  • 2
  • 27
  • 39
0

Why did you define TCP inbound connections? They should be outbound, if the internal client is going to talk to some Internet server using those ports.

Also, after defining those protocols, did you actually create a policy to allow them from the internal network to the external one?

Massimo
  • 68,714
  • 56
  • 196
  • 319
  • Sorry, typo. Yes, they are outbound. Yes, I also created a Protocol Rule to allow access from internal to external. – twlichty Nov 25 '09 at 21:51