RE: Deploying ISA 2004 firewall client - how to enforce?
- From: "Jason Merrique" <j.merrique@xxxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Thu, 13 May 2004 15:36:34 +0100
Hi Tom,
It does appear as though DHCP is working though. Here's an example of
the regular firewall logs that keep coming up:
5/13/2004 3:31:17 PM <client IP> 0.0.0.0 http://cerberus/wspad.dat
anonymous 8080 http GET No Proxy CERBERUS cerberus TCP - - - -
- - 0 1 0 56 0x0 0x0 0x0 Web Proxy Filter 0.0.0.0
Note that the origin of the request is from a user that isn't an
Administrator or Power User.
What concerns me at the moment is that there is indeed nothing published
at http://cerberus/wspad.dat surely there should be? In fact, the file
wspad.dat isn't to be found anywhere on the ISA server. Do you know at
which point is this file created and published?
Cheers,
Jason
________________________________
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
Sent: 13 May 2004 14:57
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Deploying ISA 2004 firewall client - how
to enforce?
http://www.ISAserver.org
Hi Jason,
That may solve your problem, but it sounds like you still have a
significant name resolution issue and correct qualification of
unqualified WPAD DNS queries. Remember that DHCP WPAD only works for
Adminstrators and I believe, Power Users.
http://support.microsoft.com/default.aspx?scid=kb;en-us;312864
HTH,
Tom
Thomas W Shinder
www.isaserver.org/shinder
ISA 2004 Beta - Get it now!
http://www.microsoft.com/isaserver/beta/default.asp
<http://www.microsoft.com/isaserver/beta/default.asp>
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
-----Original Message-----
From: Jason Merrique [mailto:j.merrique@xxxxxxxxxxxxxxx]
Sent: Thursday, May 13, 2004 8:47 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Deploying ISA 2004 firewall
client - how to enforce?
http://www.ISAserver.org
Aha! I think I've found the problem.
The AutoDiscovery information was just not being
published.
From Help File:
<snip>
To publish automatic discovery information
1. In the console tree of ISA Server Management,
click Firewall Policy.
Where? <ms-its:Y:\Microsoft ISA Server 2004
Beta\isa.chm::/FW_H_PublishAutoDisc.htm#>
* Microsoft ISA Server 2004
* Server_Name
* Configuration
* Networks
2. In the details pane, select the applicable
network (usually Internal).
3. On the Tasks tab, click Edit Selected Network.
4. On the Auto Discovery tab, select Publish
automatic discovery information.
5. In Use this port for automatic discovery
requests, type the port number on which the ISA Server should listen for
WPAD and WSPAD requests.
Notes
* To open ISA Server Management, click Start,
point to All Programs, point to Microsoft ISA Server, and then click ISA
Server Management.
* Click the Apply button in the details pane to
save the changes and update the ISA Server configuration.
</snip>
Hopefully this will sort things out :)
Cheers Tom.
Jason
________________________________
From: Jason Merrique [mailto:j.merrique@xxxxxxxxxxxxxxx]
Sent: 13 May 2004 14:27
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Deploying ISA 2004 firewall
client - how to enforce?
http://www.ISAserver.org
Cheers Tom,
Would the answer be applicable for ISA 2004?
Cheers,
Jason
________________________________
From: Thomas W Shinder
[mailto:tshinder@xxxxxxxxxxx]
Sent: 13 May 2004 14:15
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Deploying ISA
2004 firewall client - how to enforce?
http://www.ISAserver.org
Hi Jason,
Here's a chapter from the ISA EDU kit.
There a golden nuggets dispersed through this kit.
http://www.tacteam.net/isaserverorg/isaedukit/5automate/5automate.htm
HTH,
Tom
Thomas W Shinder
www.isaserver.org/shinder
ISA 2004 Beta - Get it now!
http://www.microsoft.com/isaserver/beta/default.asp
<http://www.microsoft.com/isaserver/beta/default.asp>
ISA Server and Beyond:
http://tinyurl.com/1jq1
Configuring ISA Server:
http://tinyurl.com/1llp
------------------------------------------------------
List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion
List as: j.merrique@xxxxxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')
Other related posts:
