RE: ISA 2004 Cache

Oh no! I've been working day and night on the "Open Port" button so that
it will be ready for ISA 2038. But I didn't even consider the "Block
Port" button! If I have to take this to the whiteboard, I won't get the
combined solution out until ISA 2077 RTMs.

I knew this was going to be a bad day.

Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls

 

> -----Original Message-----
> From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] 
> Sent: Thursday, July 14, 2005 8:25 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: ISA 2004 Cache
> 
> http://www.ISAserver.org
> 
> You can't have both "resolving sites well" and "port blocked" in the
> same environment.
> 
> -----Original Message-----
> From: AHendriks@xxxxxx [mailto:AHendriks@xxxxxx] 
> Sent: Thursday, July 14, 2005 12:57 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: ISA 2004 Cache
> 
> http://www.ISAserver.org
> 
> > Sounds like you might be getting some DNS cache poisoning.
> > This can completely mess up the ISA cache because ISA gets 
> > directed to the wrong place.
> 
> That was my first thought to, but i have checked dns settings serveral
> times, and the dns is resolving the sites well.
> 
> > Try using a different upstream DNS provider and see if that helps.
> 
> I have only one dns upstream available, which is a internal 
> dns server,
> i'm unable to change the dns to a server on the internet, 
> cause the port
> has been blocked.
> 
> Arjan 
> 
> > 
> > > You'll have to be a bit more specific about:
> > 
> > OK, i will place some configuration stuff here.
> > 
> > > 1. your ISA caching configuration
> > 
> > The default cache rule, the only thing i have changed is 
> > disabling the ftp caching, an second rule which disables 
> > caching for windowsupdate.microsoft.com.
> > 
> > I have configured a cache size of 10 Gb, and have left 
> > everything in default.
> > 
> > > 2. what sites
> > 
> > When going to www.google.com the user ends up at www.omroep.nl
> > 
> > > 3. what requests.
> > 
> > HTTP request.
> > 
> > > Generally, ISA caches site content according to the rule 
> > outlined in 
> > > the ISA help, but it's also possible to configure it so 
> > that it caches
> > 
> > > everything in sight (bad thing).
> > 
> > I haven't changed anything in the caching rule, as mentioned 
> > above, on the server there is a eTrust antivirus client 
> > active, i have excluded the caching dir for scanning, and the 
> > processes used by isa are excluded to.
> 
> 
> **************************************************************
> **********
> De informatie in deze e-mail is uitsluitend bestemd voor de
> geadresseerde. Als u deze e-mail onterecht heeft ontvangen, wilt u dan
> zo vriendelijk zijn de afzender te waarschuwen door deze 
> e-mail terug te
> sturen en de gegevens van uw computer te verwijderen. De RDW kan niet
> volledig instaan voor de juiste en volledige overbrenging van deze
> e-mail.
> 
> The information in this e-mail is exclusively intended for the
> addressee. If you have received this e-mail in error, then you are
> requested to inform the sender by returning this e-mail to him/her and
> delete the message. The RDW has not secured the contents of 
> this e-mail
> and can therefore not guarantee the accurate and complete transmission
> of this e-mail.
> **************************************************************
> **********
> 
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> jim@xxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> All mail to and from this domain is GFI-scanned.
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion 
> List as: tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> 


Other related posts: