[isalist] Re: [Book/2004] Quick followup question about FWC & Proxy
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Mon, 3 Jul 2006 19:18:42 -0500
Hi Jonathan,
If you have the Firewall client configured, and you've configured the
Firewall client settings to configure the Web proxy client configuration
to use Autodetect or the autoconfiguration script, then you're good.
There's never a reason to configure it to use the third option, which is
just the IP address and Web proxy listener port.
HTH,
Tom
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
MVP -- ISA Firewalls
________________________________
From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Jonathon J. Howey
Sent: Monday, July 03, 2006 5:34 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] [Book/2004] Quick followup question about FWC
& Proxy
Just started resuming reading the book, and I came across this
paragraph in Configuring ISA 2004, page 442 / 443:
-The picture shows the 'Use a web proxy server" checkbox is
checked
-Paragraph states: "The Use a Web Proxy server option allows you
to configure the Web browser to use the ISA 2004 as its Web Proxy, but
without the benefits of the autoconfig. script information. This setting
provides higher performance than the SecureNAT (now SecureNET i suppose)
client configuration but you do not benefit from the settings contained
in the autoconfig. script. The most important configuration settings in
the autoconfig. script includes site names and addresses that should be
used for Direct Access. For this reason, you should avoid this option
unless you do not wish to use Direct Access to bypass the Web Proxy
service to access selected Web Sites."
So this means that if the checkbox is checked, the Direct Access
list will be ignored in an environment where all three client types are
used? Furthermore, if the client's browser for example has a proxy
filled in, will this FWC client setting step in, or does the proxy
itself still have high precidence? When will i see this setting start
to affects Direct Access in a three-client enviroment if the proxy
always handles Web Traffic (according to p.415).
Thanks,
PS: Where do you talk about the IP Routing setting again in the
book? I can't find it in the index, and it's starting to bug me as i
read about it, but i can't find the page it's on... I thought it was
Chapter 6 or prior, but i must be skimming over it. Cheers.
Jonathon J. Howey
MENSE Inc.
P 780.409.5620
F 780.409.5621
D 780.409.5628
C 780.965.8363
Jonathon@xxxxxxxx <mailto:Jonathon@xxxxxxxx>
Defining the Future of Transportation
www.MENSE.ca <http://www.MENSE.ca/>
Other related posts:
