Avatar billede win32cih Nybegynder
07. juni 2002 - 10:33 Der er 5 kommentarer

block net radio

hvordan blocker jeg net radio med en MS ISA server 2000
ønsker et svar på dansk men Eng. går også.:))
Avatar billede goulduck Nybegynder
07. juni 2002 - 10:57 #1
Det kommer vel lidt an på hvilken type netradio der er tale om...

Kender ikke ISA serveren, men man kunne vel blokere for ASF og andre filer som kan bruges til sådan noget.
Avatar billede win32cih Nybegynder
07. juni 2002 - 11:01 #2
alt net radio både jubii og dr og fleger
Avatar billede jesper_k Nybegynder
07. juni 2002 - 11:01 #3
Windows Media player benytter sig at UDP protokollen, som bruges til forskellige typer download.. blandt andet live stream..
Du kan vælge at lukke helt af for UDP, men så kan du heller ikke bruge F.eks Realplayer..

Men hvis det ikke betyder noget for dig, kan du under punktet Access Policy.. Finde et punkt som hedder Ip packet filter

Højre klik i det tomme vindue ( kun tom hvis du i forvejen ikke hat nogle pakke filtre defineret..
Vælg ny/new - packet filter-- Og følg guiden

Jeg håber det kan hjælpe dig.. Hvis ikke så lav et indlæg mere og forklar lidt mere om, hvad problemet er.. F.eks at dine medarbejdere sidder på Dr ´s netradio og du ikke vil bruge/betale for den båndbredde det koster..
Avatar billede Noone Nybegynder
07. juni 2002 - 16:17 #4
Windows media player har TCP protokollen som fallback, og det er vidst ikke et hit at lukke for den ;)
Avatar billede jesper_k Nybegynder
10. juni 2002 - 09:35 #5
Jeg har fundet hvordan man åbner en ISA server til at kunne bruge online radio..
DU SKAL BARE GØRE DET OMVENDTE!!


Setting Firewall Configuration

Posted: August 6, 1999

If you have problems delivering or receiving Windows Media streams, you may need to open additional ports in your firewall. This document briefly explains firewalls, describes how Windows Media interacts with firewalls, and offers suggested firewall settings.

General Protocol and Firewall Information
A firewall is a piece of hardware or software that prevents data packets from either entering or leaving a specified network. To control the flow of traffic, numbered ports in the firewall are either opened or closed to types of packets. The firewall looks at two pieces of information in each arriving or departing packet: the protocol through which the packet is being delivered, and the port number to which it is being sent. If the firewall is configured to accept the specified protocol through the targeted port, the packet is allowed through.

Windows Media and Firewalls
Because Windows Media does not use any of the standard or "well-known" ports that would be open by default (except HTTP), you must open special ports. Windows Media Technologies was formerly known as NetShow; many firewalls have a NetShow port setting that can also be used for Windows Media.

When you allocate ports for Windows Media files, you must open all of the UDP and TCP ports corresponding to those port numbers. The number ranges in the documentation below indicate an entire range of available ports; typically, the actual number of ports allocated will be far less.

When deciding how many ports to open, balance security with accessibility by opening just enough ports to allow all clients to make a connection. However, port range restrictions potentially affect all remote procedure call (RPC) and Distributed Componenent Object Model (DCOM) applications sharing the system, not just Windows Media. If the port range is not broad enough, competing services such as Internet Information Server (IIS) will start to fail with random errors. The port range must be able to accomodate all potential applications in the system that will use RPC/COM/DCOM services. The number of open ports is entirely up to the individual corporate security philosophy, but as a starting point, determine how many ports you expect to use for Windows Media, then open 10% more to account for overlap with other programs. Once you've established this number, watch your traffic to determine if adjustments are necessary.

Firewall and Registry Settings for DCOM
DCOM dynamically allocates one port per process. You need to decide how many ports you want to allocate to DCOM processes, which is equivalent to the number of simultaneous DCOM processes through the firewall. You must open all of the UDP and TCP ports corresponding to the port numbers you choose. You also need to open TCP/UDP 135, which is used for RPC End Point Mapping, among other things. In addition, you must edit the registry to tell DCOM which ports you reserved. You do this with the "HKEY_LOCAL_MACHINES \Software \Microsoft \Rpc \Internet" registry key, which you will probably have to create.

The following example tells DCOM to restrict its port range to 10 ports:

Named Value: Ports
Type: REG_MULTI_SZ
Setting: Range of port. Can be multiple lines such as:
3001-3010
135

Named Value: PortsInternetAvailable
Type: REG_SZ
Setting:"Y"

Named Value: UseInternetPorts
Type: REG_SZ
Setting: "Y"

These registry settings must be established in addition to all firewall settings listed below.

Firewall Settings for Windows Media
There are five primary scenarios to consider when setting up a firewall to accomodate Windows Media:

Using Windows Media Player behind a firewall to access content outside the firewall
Using Windows Media Player outside a firewall to access content on a Windows Media server behind a firewall
Using Windows Media Encoder outside a firewall to access a Windows Media server behind the firewall, or communicating between two servers across a firewall
Using Windows Media Administrator outside a firewall to manage a Windows Media server behind a firewall
IP Multicast
In the examples below, the In port is the port that the server uses to get past the firewall. The Out port is the port that Microsoft Windows Media Player or other clients use to communicate with the server.

Server to Client Behind a Firewall
A firewall configuration that allows users with the Windows Media Player behind a firewall to access Windows Media servers outside the firewall is:

Streaming ASF with UDP
Out: TCP on 1755
Out: UDP on 1755
In: UDP between port 1024-5000 (Only open the necessary number of ports.)
Streaming ASF with TCP
In/Out: TCP on port 1755
Streaming ASF with HTTP
In/Out: TCP on Port 80
Server Behind a Firewall to Client
The following firewall configuration allows users with the Windows Media Player outside of a firewall to access a Windows Media server behind a firewall:

Streaming ASF with UDP
In: TCP on port 1755
In: UDP on port 1755
Out: UDP between port 1024-5000 (Only open the necessary number of ports.)
Streaming ASF with TCP
In/Out: TCP on port 1755
Streaming ASF with HTTP
In/Out: TCP on Port 80
Protocol: MSBD
In/Out: TCP on port 7007
For Server to Encoder communication, you can specify a different port. The default port is 7007, but in the Windows Media Encoder Output dialog box you can choose any other free port; you can also push a button to allow the Encoder to select a different port. If you choose a different port, you must specify the same port in the server when you set up the station.
Encoder to Server Behind a Firewall/Server to Server Across a Firewall
The following firewall configuration allows users with the Windows Media Encoder outside of a firewall to access a Windows Media server behind a firewall:

Protocol: MSBD
In/Out: TCP on port 7007.
For encoder-to-server communication, you can specify a different port. The default port is 7007, but in the Windows Media Encoder Output dialog box you can choose any other free port; you can also push a button to allow the encoder to select a different port. If you choose a different port, you must specify the same port in the server when you set up the station.
Administrator to Server Behind a Firewall
The following firewall configuration allows users with the Windows Media Administrator outside of a firewall to access a Windows Media server behind a firewall:

Protocol: HTTP
In/Out: TCP on port 80
Protocol: DCOM
In: TCP on port 135
You must open TCP and UDP on port 135. This port is used for initial Windows Media server-to-client and server-to-encoder communications, as well as essential processes. The protocol used for these initial communications is DCOM.
IP Multicast
The following firewall configuration enables IP Multicasting:

Streaming ASF with Multicast
IP Multicast Address range: 224.0.0.1 to 239.255.255.255
To enable IP Multicasting you must allow packets sent to the standard IP Multicast address range above to come through your firewall. This IP Multicast address range must be enabled on both client and server sides, as well as every router in between.
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Du kan også logge ind via nedenstående tjenester