Softperfect at SBS 2003

Started by Mohiuddin Minhas

Mohiuddin Minhas

Softperfect at SBS 2003   04 January 2006, 19:49

Hello there!!
I intend to use softperfect for my SBS 2003 box, which has ISA Server 2004, but all my efforts seems to be fruitless. Here is what I have:
LAN IP RANGE: 192.168.1.31
SERVER IPS : 192.168.1.1-LOCAL & 62.150.x.x---Directly-to-DSL
I have tried all sort of rule combinations on all network interfaces, nothing seems to solve the problem.
PROBLEM : When I limit the Internet bandwidth for a certain LAN PC MY internal LAN traffic also comes under the rule effect.
For Example : Direction (both), 5KB/s, TCP-UDP, LAN interface, SOurce-192.168.1.5/any , Dest-any/any OR (for LAN I made another rule with unlimit with local ip range & for WAN another limited rule) tried moving rules up & down as well.
Remember I am using transparent caching with secureNAT.

Any Solution as I am ready to buy the software. Thanks in adavance.
SoftPerfect Support forum - Andrew avatar image

Re: Softperfect at SBS 2003   04 January 2006, 21:16

Try something like this:

Direction: Both
Rate: Unlimited
Protocol: TCP/UDP
LAN interface
Source: Range: 192.168.1.0 - 192.168.1.255
Destination: Range: 192.168.1.0 - 192.168.1.255

Direction: Both
Rate: 5KB/s
Protocol: TCP/UDP
LAN interface
Source: 192.168.1.5
Destination: Any

Direction: Both
Rate: 5KB/s
Protocol: TCP/UDP
LAN interface
Source: 192.168.1.6
Destination: Any

and so on. Please note that the first rule must be at the top of the rule set.
Mohiuddin Minhas

Re: Softperfect at SBS 2003   05 January 2006, 17:50

Actually, I had tried this before, but I did so agian as you said; no luck. I can see the traffic passing through the first UNLIMITED Rule, but the second LIMITD 5KB/s rule is always zero, why because all my traffic is being intercepted by the first rule and the second rule never comes into play.
I think this is all because of the encapsulation done by the ISA server and softperfect is unable to capture header information from a packet before it reaches ISA Firewall. If it does, it can then know wether the packet has a local or external destination.

Any Other Work-arround?

Looking forward - Mohi
SoftPerfect Support forum - Andrew avatar image

Re: Softperfect at SBS 2003   05 January 2006, 23:00

How do the network clients access the Internet through the ISA server: using NAT (address translation) or proxy server?

The rules above are based on the idea of splitting packets on the destination field. If the destination is the in local IP address range then it is a local packet. Otherwise it is an external packet. But if you are using a proxy server, this does not work because the clients connect to the server locally and then ask the server for an external resource.
Mohiuddin Minhas

Re: Softperfect at SBS 2003   06 January 2006, 23:56

I would say its a transparent proxy through which clients get the internet, as we do not put anything in the client broswer as far as proxy settings are concerned, except the gateway and dns. for example client LAN settings:
192.168.1.x
255.255.255.224
192.168.1.1 GW
192.168.1.1 DNS
You r absolutely right that clients request the server localy for any external resource, and here is the point where we are having problem. Its between ISA server & client where softperfect should intercept.

Looking Forward - Mohiuddin
SoftPerfect Support forum - Andrew avatar image

Re: Softperfect at SBS 2003   07 January 2006, 22:53

This situation seems strange. I would recommend to try the following rules:

Direction: Both
Rate: Unlimited
Protocol: TCP/UDP
LAN interface
Source: Range: 192.168.1.0 - 192.168.1.255 : Any Port
Destination: Range: 192.168.1.0 - 192.168.1.255 : Ports 135, 136, 137, 138, 139, 445

Direction: Both
Rate: 5KB/s
Protocol: TCP/UDP
LAN interface
Source: 192.168.1.5
Destination: Any

Direction: Both
Rate: 5KB/s
Protocol: TCP/UDP
LAN interface
Source: 192.168.1.6
Destination: Any

Here the first rule should permit unthrottled local file sharing operations.
Mohiuddin Minhas

Re: Softperfect at SBS 2003   08 January 2006, 00:19

smile
Oh well! thats one sort of a work arround (lol), never thought this way. I will accept it by all means, and put it under observation as I have to add two more rules to have local traffic flow smooth. I thank you for this workarround(solution), I think things will workout now if I didn't see any abnormal CPU stresses & we will make the purchase for sure in a week or so.

Thank you once again - Mohiuddin Minhas
SoftPerfect Support forum - Andrew avatar image

Re: Softperfect at SBS 2003   08 January 2006, 02:56

You are welcome smile

Sometimes you can get the answer faster if you try the forum search and/or have a look at the software user manual to see if your question has already been answered.

Our forum rules are simple:

  • Be polite.
  • Do not spam.
  • If possible, check your spelling and grammar.

Author:

Email:

Subject

A brief and informative title for your message, approximately 4–8 words:

     

Spam prevention: please enter the following code in the input field below.

       **  ********  **     **  **         **       
       **     **      **   **   **    **   **       
       **     **       ** **    **    **   **       
       **     **        ***     **    **   **       
 **    **     **       ** **    *********  **       
 **    **     **      **   **         **   **       
  ******      **     **     **        **   ******** 

Message: