Allowing MSN messenger traffic to pass through the Symantec Gateway Security appliance

Article:TECH84924  |  Created: 2006-01-27  |  Updated: 2012-04-29  |  Article URL http://www.symantec.com/docs/TECH84924
Article Type
Technical Solution


Issue



You have a Symantec Gateway Security 1600 Series or Symantec Gateway 5000 Series appliance. You want to know how to set up the appliance to use MSN messenger. You need to know what ports to configure to allow traffic to pass through the firewall.

 


Solution



MSN Messenger uses the following ports

  • TCP Port 7001
  • TCP Port 1863
  • TCP Port 80
  • TCP Port 443.


To allow traffic to pass through the firewall you will need to add two new protocols, and add those protocol's to a service group.

Adding the Protocols:
In the Symantec Gateway Management Interface (SGMI), choose Assets, then Protocols from the left navigation. Click Protocols tab.

To enter in the first protocol

  1. Click New.
  2. Click TCP UDP Based Protocol.
  3. In the following fields type or select the name after the field name.
    Protocol Name, type: TCP_Port_1863
    Base Protocol Type: TCP
    Destination port use: Single Port|Destination low port: 1863
    Source port use: Port Range
    Source low port: 1024
    Source high port: 65535
     
  4. Check Use GSP.
  5. Click OK to add this new protocol.

To enter in the second protocol

  1. Click New.
  2. Click TCP UDP Based Protocol.
  3. In the following fields type or select the name after the field name.
    Protocol Name: TCP_Port_7001
    Base Protocol Type: TCP
    Destination port use: Single Port
    Destination low port: 7001
    Source port use: Port Range
    Source low port: 1024
    Source high port: 65535
     
  4. Check GSP.
  5. Click OK to add this new protocol.


To create the service group

  1. In the Symantec Gateway Management Interface (SGMI), click Assets,
  2. In the left pane, click Protocols.
  3. Click Service Groups tab.
  4. Click New, to create a new service group
  5. Under the General Tab, type the following in the specified field:
    Service Group Name: MSN_Messenger
    Caption: Allows access to MSN Messenger
  6. Under the Protocols Tab, click Add.
  7. Select TCP_Port_1863 and click OK.
  8. Click Add.
  9. Select TCP_Port_7001 and click OK.
  10. Click Add.
  11. Select HTTP and click OK.
  12. Highlight HTTP and click Configure,
    The "Parameters for http" configuration screen will appear.
  13. Click Options tab.
  14. Check Allow HTTP over valid SSL on the following ports:
  15. Select Standard ports item from the bulleted list.
  16. Click OK , to save the parameters.
  17. Click OK button to add the new Service Group.

You can now use that service group in rules to allow traffic to pass through the firewall.




 



Legacy ID



2006092709045754


Article URL http://www.symantec.com/docs/TECH84924


Terms of use for this information are found in Legal Notices