RE: ISA 2004 Cache
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Thu, 14 Jul 2005 08:33:15 -0500
Oh no! I've been working day and night on the "Open Port" button so that
it will be ready for ISA 2038. But I didn't even consider the "Block
Port" button! If I have to take this to the whiteboard, I won't get the
combined solution out until ISA 2077 RTMs.
I knew this was going to be a bad day.
Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
> -----Original Message-----
> From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
> Sent: Thursday, July 14, 2005 8:25 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: ISA 2004 Cache
>
> http://www.ISAserver.org
>
> You can't have both "resolving sites well" and "port blocked" in the
> same environment.
>
> -----Original Message-----
> From: AHendriks@xxxxxx [mailto:AHendriks@xxxxxx]
> Sent: Thursday, July 14, 2005 12:57 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: ISA 2004 Cache
>
> http://www.ISAserver.org
>
> > Sounds like you might be getting some DNS cache poisoning.
> > This can completely mess up the ISA cache because ISA gets
> > directed to the wrong place.
>
> That was my first thought to, but i have checked dns settings serveral
> times, and the dns is resolving the sites well.
>
> > Try using a different upstream DNS provider and see if that helps.
>
> I have only one dns upstream available, which is a internal
> dns server,
> i'm unable to change the dns to a server on the internet,
> cause the port
> has been blocked.
>
> Arjan
>
> >
> > > You'll have to be a bit more specific about:
> >
> > OK, i will place some configuration stuff here.
> >
> > > 1. your ISA caching configuration
> >
> > The default cache rule, the only thing i have changed is
> > disabling the ftp caching, an second rule which disables
> > caching for windowsupdate.microsoft.com.
> >
> > I have configured a cache size of 10 Gb, and have left
> > everything in default.
> >
> > > 2. what sites
> >
> > When going to www.google.com the user ends up at www.omroep.nl
> >
> > > 3. what requests.
> >
> > HTTP request.
> >
> > > Generally, ISA caches site content according to the rule
> > outlined in
> > > the ISA help, but it's also possible to configure it so
> > that it caches
> >
> > > everything in sight (bad thing).
> >
> > I haven't changed anything in the caching rule, as mentioned
> > above, on the server there is a eTrust antivirus client
> > active, i have excluded the caching dir for scanning, and the
> > processes used by isa are excluded to.
>
>
> **************************************************************
> **********
> De informatie in deze e-mail is uitsluitend bestemd voor de
> geadresseerde. Als u deze e-mail onterecht heeft ontvangen, wilt u dan
> zo vriendelijk zijn de afzender te waarschuwen door deze
> e-mail terug te
> sturen en de gegevens van uw computer te verwijderen. De RDW kan niet
> volledig instaan voor de juiste en volledige overbrenging van deze
> e-mail.
>
> The information in this e-mail is exclusively intended for the
> addressee. If you have received this e-mail in error, then you are
> requested to inform the sender by returning this e-mail to him/her and
> delete the message. The RDW has not secured the contents of
> this e-mail
> and can therefore not guarantee the accurate and complete transmission
> of this e-mail.
> **************************************************************
> **********
>
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> jim@xxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> All mail to and from this domain is GFI-scanned.
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion
> List as: tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
Other related posts:
