Hi Jim, 1) The configuration infomration including log/wspad/wpad will be sent to you e-mail address shortly 2) As for broswer setting, as you can see from my config data, only autoconfig setting is checked as per FWC. Thanks, Roy Tsao > Hi Roy, > > The logs that show IP data and URLs are not localized. In fact, the > only part of the logs that are localized are error messages (I can read > error numbers) and your rule names. > > The browser *always* has a setting, especially after the FWC is > installed. > Based on your descriptions, since "firewall_host_name:8080" can get the > auto-config file, but "firewall_fqdn:8080" cannot, it's clear that your > auto-configuration and client name resolution are not configured > properly. > > Yes - please send the two files (wpad & unfiltered log results). > > -----Original Message----- > From: Roy Tsao [mailto:roy_tsao@xxxxxxxxxxxx] > Sent: Friday, May 27, 2005 6:03 AM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: Help with the web proxy setup in ISA 2004 > > http://www.ISAserver.org > > Dear Jim-san, > > Sorry for disturbing you a lot but please be advised that I am not pro. > in network (it is just my private fan to learn computer network > which is far from my present career), nor I am a native English > speaker but oriental guy, please be patient! > > 1) unfiltered logs: I am not trying to hide it but it will be very hard > for you to read it out since my ISA version is not English so you > may not judge what it is. May I try to take it out and send it to > your private address. > 2) Brower configuration: the brower at client end has no setting since > FWC is installed namely initially not setting and it becomes > autoconfiguration webproxy client as per FWC's setting. The > autoconfiguration > is checked finally with no other options. That's why I did not answer > the > browser's question > 3) Request merchanisam on http://wpad...: It is really a helpful > information for me to know those form you. I can download wpad.dat if I > replace "wpad" > into "firewall_host_name:8080". Shall I sent this file to you? Also, do > I > need > to configure DHCP to point WPAD into right ISABOX internal address, I am > getting confused in WPADed things aside from autodectection. > > Thanks, > > Roy Tsao > > > The discussion centers on "autoconfiguration". > > This functionality is based on a request for http://wpad/wpad.dat from > > the browser and http://wpad/wspad.dat from the FWC. > > This is why I want you to examine the wpad.dat. > > > > You still have not answered the browser question. > > You still have not provided unfiltered log entries. > > > > This isn't magic, Roy and I don't read minds. > > I do tire of playing oral surgeon, though. > > > > -----Original Message----- > > From: Roy Tsao [mailto:roy_tsao@xxxxxxxxxxxx] > > Sent: Thursday, May 26, 2005 9:04 PM > > To: [ISAserver.org Discussion List] > > Subject: [isalist] RE: Help with the web proxy setup in ISA 2004 > > > > http://www.ISAserver.org > > > > Dear Harrison-san, > > > > The setting of my present VM lab ISA box is: > > - Access rules only two: > > 1) allow internal to external/all protocol /all users > > 2) deny all as default > > > > - Internal Network Property: > > <Firewall Client> > > [CHECK] Enable Firewall Client support > > [UNCHECK] Auto detect setting > > [CHECK] Auto config script > > [SELECT] Use custom URL = > http://isalocal.firewall.local:8080... > > [UNCHECK] Use a Web Proxy Server > > <Domain> > > *.firewall.local > > <Web Brower> > > [CHECK] Bypass Proxy for Web server in this network > > [CHECK] Directly Access computer specified in the Domain tab. > > Directly Access server & domain: *.firewall.local > > <Web Proxy> > > [CHECK] Enable Web proxy client > > [CHECK] HTTP at 8080 > > Authentication: [CHECK] Integrated/ Require All User to > > authenticate > > <Auto Discovery> > > No setting > > <Address> > > 10.0.0.0-10.0.0.255 > > > > Web browser setting at client end will be automatically configured by > > FCW setting and become WebProxy client for HTTP. > > > > I don't know why I need a wpad.dat since no auto discocery. > > > > > > > > > > > > > > > > > > > Please stop trimming the thread. > > > > > > I advise that you provide more than a single modified log entry. > > > I can't help you if you insist on filtering the data. > > > > > > Additional questions: > > > Q1 - exactly how is the browser configured? > > > Q2 - exactly what is the web proxy configuration for the Internal > > > network? > > > Q3 - when you do receive the wpad.dat file, exactly what data is > found > > > between "{" and "}" in: > > > "function MakeIPs" > > > And > > > "function MakeNames()" > > > > > > > > > -----Original Message----- > > > From: Roy Tsao [mailto:roy_tsao@xxxxxxxxxxxx] > > > Sent: Thursday, May 26, 2005 3:22 AM > > > To: [ISAserver.org Discussion List] > > > Subject: [isalist] RE: Help with the web proxy setup in ISA 2004 > > > > > > http://www.ISAserver.org > > > > > > I did understand your points, also I have took a examin at whole > > > logs before & after changing from FQDN to hostname. > > > > > > Anyhow, when FQDN is used, there is POPUP asking for authentication, > > > could you advise any possible reason? > > > > > > Thanks, > > > > > > Roy Tsao > > > > > > > > > Try not to "filter" the log data. > > > "Imaginary" information is useless. > > > If you have a problem sending it to the list, then you need to > rethink > > > your security model. > > > "Security by obscurity is no security at all". > > > > > > Also, you should examine more than a single log entry - it's just as > > > likely that you're looking at the wrong one. > > > > > > ------------------------------------------------------ > > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > > > ------------------------------------------------------ > > > Other Internet Software Marketing Sites: > > > World of Windows Networking: http://www.windowsnetworking.com > > > Leading Network Software Directory: http://www.serverfiles.com > > > No.1 Exchange Server Resource Site: http://www.msexchange.org > > > Windows Security Resource Site: http://www.windowsecurity.com/ > > > Network Security Library: http://www.secinf.net/ > > > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > > > ------------------------------------------------------ > > > You are currently subscribed to this ISAserver.org Discussion List > as: > > > jim@xxxxxxxxxxxx > > > To unsubscribe visit > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > All mail to and from this domain is GFI-scanned. > > > > ------------------------------------------------------ > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > > ------------------------------------------------------ > > Other Internet Software Marketing Sites: > > World of Windows Networking: http://www.windowsnetworking.com > > Leading Network Software Directory: http://www.serverfiles.com > > No.1 Exchange Server Resource Site: http://www.msexchange.org > > Windows Security Resource Site: http://www.windowsecurity.com/ > > Network Security Library: http://www.secinf.net/ > > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org Discussion List as: > > jim@xxxxxxxxxxxx > > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > All mail to and from this domain is GFI-scanned. > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > World of Windows Networking: http://www.windowsnetworking.com > Leading Network Software Directory: http://www.serverfiles.com > No.1 Exchange Server Resource Site: http://www.msexchange.org > Windows Security Resource Site: http://www.windowsecurity.com/ > Network Security Library: http://www.secinf.net/ > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > jim@xxxxxxxxxxxx > To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > All mail to and from this domain is GFI-scanned.