RE: Continued issues with particular site

  • From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 18 Jan 2006 07:03:13 -0800

Yeh - I was using the MSN desktop.
I killed it after I realized what was hogging all my system disk time.
"background" my butt...

--------------------------------------------
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org
Read the help / books / articles!
--------------------------------------------

-----Original Message-----
From: David Farinic [mailto:davidfa@xxxxxxx] 
Sent: Wednesday, January 18, 2006 12:52 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Continued issues with particular site

http://www.ISAserver.org

I switched all indexing off after tests with wmf file which was starting
calc. Both Google and MS desktop indexers stared periodically calc for
me when indexing that file :).

Desktop indexers are good if you have nothing really valuable on comp
but otherwise... beware as you opening another option how data can be
accessed/read.

Regarding site problem ... try SP2 when available.

Regards DavidFA

-----Original Message-----
From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx] 
Sent: Wednesday, January 18, 2006 5:03 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Continued issues with particular site

http://www.ISAserver.org

Heh- I found them now that I know what to look for.  You should get that

Google appliance to index your content so that searches are better. ;)

t

-----
"I'll see your Llama and up you a Badger."
John T



----- Original Message ----- 
From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Tuesday, January 17, 2006 7:32 PM
Subject: [isalist] RE: Continued issues with particular site


http://www.ISAserver.org

Hi Tim,

You bet! The Microsoft FM doesn't have that info -- only my FMs :)

I'm way ahead of you in the papers shoved in the suggestion box, but
it'll be fantastic to get your submissions in there too. There's power
and occasionally safety in numbers :)

Tom

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
**Who is John Galt?**



> -----Original Message-----
> From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
> Sent: Tuesday, January 17, 2006 9:22 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Continued issues with particular site
>
> http://www.ISAserver.org
>
> RTFM?  I did!  Nowhere in there does it say "If you unbind
> the Web Proxy
> Filter from HTTP, the Configure HTTP interface dissapears.
> However, the
> HTTP Filter is still in place."  That's just not in there.
> But I guess
> I'll trust you.
>
> And thank you.  I'll also look for the KB.  I'll also make
> sure that I
> submit some suggestions for ISA 2006, which I was invited to Beta for.
>
> t
>
> -----
> "I'll see your Llama and up you a Badger."
> John T
>
>
>
> ----- Original Message ----- 
> From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Tuesday, January 17, 2006 5:40 PM
> Subject: [isalist] RE: Continued issues with particular site
>
>
> http://www.ISAserver.org
>
> OK you,
>
> Anybody else, and I'd tell 'em to RTFM, but one day I may come to you
> and ask a favor.
>
> When you unbind the Web proxy filter from the HTTP protocol,
> it has the
> untoward effect that you observed -- the HTTP security configuration
> interface disappears. HOWEVER, that does NOT mean that its
> not working.
> All the settings you have created so far are still in effect for Web
> proxy clients.
>
> However, machines that aren't explicitly configured as Web proxy
> clients, will not be exposed to the Web proxy filter or the Web proxy
> filter extension that is the HTTP security filter. When the Web proxy
> filter is enabled, it automaticaly forwards the SecureNAT and Firewall
> client connections to the Web proxy filter, so that even though they
> aren't explicitly configured as Web proxy clients, they can still
> benefit from the security and performance enhancments you get from the
> Web proxy filter and its extensions.
>
> If you want to make changes to the HTTP security filter, go
> to the HTTP
> protocol and rebind the filter. You don't need to apply the changes to
> the firewall policy. Then right click any rule that includes the HTTP
> protocol and you'll see the Configure HTTP option again. Then make the
> changes you want to the filter settings, then go back and
> unbind the Web
> proxy filter from the HTTP protocol. Apply the changes to the firewall
> policy and you're good.
>
> There's another way to do this, but this is my way. :)  There's a KB
> article on an alternate approach if you want to take the highway.
>
> Tom
>
> Thomas W Shinder, M.D.
> Site: www.isaserver.org
> Blog: http://spaces.msn.com/members/drisa/
> Book: http://tinyurl.com/3xqb7
> MVP -- ISA Firewalls
> **Who is John Galt?**
>
>
>
> > -----Original Message-----
> > From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
> > Sent: Tuesday, January 17, 2006 5:19 PM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: Continued issues with particular site
> >
> > http://www.ISAserver.org
> >
> > Unbinding the Web Proxy Filter from HTTP worked.  However, I
> > can no longer
> > "Configure HTTP" anywhere, on any rule.  I tried what Steve
> > suggested, which
> > is to create an allow rule for the site, but you can't unbind
> > Web Proxy
> > Filter from an individual rule - ( thanks for nuttin,
> > Moffat!!! ;)  all you
> > can do is "Configure HTTP."  Hell, I even tried a custom HTTP
> > Protocol
> > Definition (with no filtering at all) and it still doesn't work.
> >
> > While I could still access the web via clients specifically
> > set to use a
> > proxy, why would my HTTP filter configuration options go away
> > because I
> > unbound the Web Proxy Filter?
> >
> > Is there no other way to do this????
> >
> > t
> >
> > -----
> > "I'll see your Llama and up you a Badger."
> > John T
> >
> >
> >
> > ----- Original Message ----- 
> > From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > Sent: Tuesday, January 17, 2006 2:07 PM
> > Subject: [isalist] RE: Continued issues with particular site
> >
> >
> > http://www.ISAserver.org
> >
> > The FWC will stuff use the Web proxy filter if the Web
> proxy filter is
> > still bound to the HTTP protocol. There are a number of
> > workarounds, but
> > the one I use because it's the easiest :)  is to just unbind the Web
> > proxy filter from the HTTP protocol and then configure the sites for
> > Direct Access.
> >
> > This enables me to continue to benefit from the Web proxy
> > filter and its
> > HTTP security filter for Web proxy client connections
> > (machines that are
> > explicitly configured as Web proxy clients) and bypass the Web proxy
> > filter for all SecureNAT (SecureNET) and FWC connections.
> >
> > Tom
> >
> > Thomas W Shinder, M.D.
> > Site: www.isaserver.org
> > Blog: http://spaces.msn.com/members/drisa/
> > Book: http://tinyurl.com/3xqb7
> > MVP -- ISA Firewalls
> > **Who is John Galt?**
> >
> >
> >
> > > -----Original Message-----
> > > From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
> > > Sent: Tuesday, January 17, 2006 3:59 PM
> > > To: [ISAserver.org Discussion List]
> > > Subject: [isalist] RE: Continued issues with particular site
> > >
> > > http://www.ISAserver.org
> > >
> > > That what I was saying to myself... the "Via" tells all.  But
> > > check it--
> > > I've got both the IP and the *.domain.com in the direct
> > > access tab for the
> > > source (listening) network config, I've got the firewall
> > > client loaded and
> > > refreshed, I've unchecked "use proxy" on the firewall client
> > > config for the
> > > network config, I've made sure the client is not set to use a
> > > proxy in IE.
> > >
> > > Yet, the capture stills says "Via."
> > >
> > > WTF now?
> >

  
This mail was checked for viruses by GFI MailSecurity. 
GFI also develops anti-spam software (GFI MailEssentials), a fax server
(GFI FAXmaker), and network security and management software (GFI
LANguard) - www.gfi.com 


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

All mail to and from this domain is GFI-scanned.

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 01-2006