The rules are fine, cause i don't see this behavoir all the time, but it happens sometimes, the folks off SC are already working on it (i hope), in the mean time i wanted to do some research and ask something around. I think that ISA have some kind of bug where ISA only uses the first rule, and all the sessions are un-authenticated pased through SC, which blockes the sessions cause SC doesn' allow any ip adresses, and only user names. Arjan Hendriks > -----Original Message----- > From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] > Sent: maandag 3 januari 2005 16:17 > To: Hendriks, Arjan > Subject: RE: [isalist] RE: ISA 2004 & SurfControl > > That screenshot clearly shows Surf Control blocking the sites > you're interested in. > Get with the SC folks to help you create proper rules. > > > Jim Harrison > MCP(NT4, W2K), A+, Network+, PCG > http://isaserver.org/Jim_Harrison/ > http://isatools.org > Read the help / books / articles! > > > -----Original Message----- > From: AHendriks@xxxxxx [mailto:AHendriks@xxxxxx] > Sent: Monday, January 03, 2005 5:35 AM > To: Jim Harrison > Subject: FW: [isalist] RE: ISA 2004 & SurfControl > > The attachement. > > Arjan > > > > -----Original Message----- > > From: Hendriks, Arjan > > Sent: maandag 3 januari 2005 14:34 > > To: '[ISAserver.org Discussion List]' > > Subject: RE: [isalist] RE: ISA 2004 & SurfControl > > > > OK, i don't send any attachments with this message, i will > forward the > > attachment to your e-mail adres. > > > > 1 - I have checked the logs, but haven't find any thing. > > 2 - Cause off performance issues, i have turnd off the logging from > > isa, from a kb article from MS. > > > > Arjan > > > > > -----Original Message----- > > > From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] > > > Sent: vrijdag 31 december 2004 17:09 > > > To: [ISAserver.org Discussion List] > > > Subject: [isalist] RE: ISA 2004 & SurfControl > > > > > > http://www.ISAserver.org > > > > > > Ho, don't add attachments; they'll likely cause the message be > > > rejected as too big and don't usually show what's needed anyway. > > > > > > What you should do instead is: > > > 1 - examine the Surf Control logs > > > you may have a SC rule that's causing your pain > > > 2 - examine the ISA web proxy logs > > > you may have an ISA rule that's causing your pain > > > > > > Jim Harrison > > > MCP(NT4, W2K), A+, Network+, PCG > > > http://isaserver.org/Jim_Harrison/ > > > http://isatools.org > > > Read the help / books / articles! > > > > > > > > > -----Original Message----- > > > From: AHendriks@xxxxxx [mailto:AHendriks@xxxxxx] > > > Sent: Friday, December 31, 2004 2:43 AM > > > To: [ISAserver.org Discussion List] > > > Subject: [isalist] RE: ISA 2004 & SurfControl > > > > > > http://www.ISAserver.org > > > > > > Nope, it's not the WU site only, sites like google.nl are > > blocked to, > > > i don't know if i may ad a attachment, at the time the problem > > > arrised, i made a screen dump of SurfControl, which my > declare the > > > problem. > > > > > > Arjan > > > > > > > -----Original Message----- > > > > From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] > > > > Sent: donderdag 30 december 2004 15:57 > > > > To: [ISAserver.org Discussion List] > > > > Subject: [isalist] RE: ISA 2004 & SurfControl > > > > > > > > http://www.ISAserver.org > > > > > > > > If the only problem is that WU sites are being blocked, > this is a > > > > known issue that isn't resolvable with Surf Control, > Web Sense or > > > > BurstTek. > > > > > > > > > > > > Jim Harrison > > > > MCP(NT4, W2K), A+, Network+, PCG > > > > http://isaserver.org/Jim_Harrison/ > > > > http://isatools.org > > > > Read the help / books / articles! > > > > > > > > > > > > > > > > -----Original Message----- > > > > From: AHendriks@xxxxxx [mailto:AHendriks@xxxxxx] > > > > Sent: Wednesday, December 29, 2004 11:12 PM > > > > To: [ISAserver.org Discussion List] > > > > Subject: [isalist] RE: ISA 2004 & SurfControl > > > > > > > > http://www.ISAserver.org > > > > > > > > The only things i can find in the event log are messages about > > > > starting and stopping the surfcontrol services, nothing else. > > > > > > > > Arjan > > > > > > > > > Use your Event logs. > > > > > What error or warning events do you find in there? > > > > > > > > > -----Original Message----- > > > > > From: AHendriks@xxxxxx [mailto:AHendriks@xxxxxx] > > > > > Sent: Wednesday, December 29, 2004 02:15 > > > > > To: [ISAserver.org Discussion List] > > > > > Subject: [isalist] ISA 2004 & SurfControl > > > > > > > > > > http://www.ISAserver.org > > > > > > > > > > I'm using ISA 2004 and SurfControl 5.0 for controlling the > > > > access to > > > > > the internet, from time to time i see in the real time > > > > logging window > > > > > from SurfControl blocked sites, which 5 minutes before > > > was working > > > > > correctly. > > > > > > > > > > When the sites are blocked, it seems that the sessions off > > > > the users > > > > > are timed out, and they have to refresh there sessions, and > > > > they start > > > > > to complain. > > > > > > > > > > Within ISA i have configured a rule which allowed > > workstation to > > > > > connect anonymous to the windows update site, which > > > > discussed in the > > > > > following > > > > > article: > > > > > http://www.microsoft.com/technet/prodtechnol/winxppro/support/ > > > > > updateauth > > > > > en.mspx > > > > > > > > > > After disabling the rule, and watching at the real > time logging > > > > > window, i haven't seen this behavior again. > > > > > > > > > > A other behavoir is that when a user types a URL for a > > > > site, IE times > > > > > out, when an other user types the same URL, the content is > > > > displayd in > > > > > his browser. > > > > > The first user have to hit refresh before the content > > is displayd. > > > > > > > > > > One of the tuning tips was disabling logging, we where > > > > logging the ISA > > > > > logs to an external SQL box, SurfControl uses the > same for his > > > > > logging. > > > > > > > > > > What could be the problem. > > > > > > > > > > Arjan > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > ------------------------------------------------------ > > > > > List Archives: > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > > > ISA Server Newsletter: > > > http://www.isaserver.org/pages/newsletter.asp > > > > > ISA Server FAQ: > > > http://www.isaserver.org/pages/larticle.asp?type=FAQ > > > > > ------------------------------------------------------ > > > > > Other Internet Software Marketing Sites: > > > > > World of Windows Networking: > > > > http://www.windowsnetworking.com Leading > > > > > Network Software Directory: http://www.serverfiles.com > > > > > No.1 Exchange Server Resource Site: > > > > http://www.msexchange.org Windows > > > > > Security Resource Site: > > > > > http://www.windowsecurity.com/ Network Security Library: > > > > > http://www.secinf.net/ Windows 2000/NT Fax Solutions: > > > > > http://www.ntfaxfaq.com > > > > > ------------------------------------------------------ > > > > > You are currently subscribed to this ISAserver.org > > > > Discussion List as: > > > > > jim@xxxxxxxxxxxx To unsubscribe visit > > > > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > > > > > All mail to and from this domain is GFI-scanned. > > > > > > > > > > > > > > > ------------------------------------------------------ > > > > > List Archives: > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > > > ISA Server Newsletter: > > > http://www.isaserver.org/pages/newsletter.asp > > > > > ISA Server FAQ: > > > http://www.isaserver.org/pages/larticle.asp?type=FAQ > > > > > ------------------------------------------------------ > > > > > Other Internet Software Marketing Sites: > > > > > World of Windows Networking: > > > > http://www.windowsnetworking.com Leading > > > > > Network Software Directory: http://www.serverfiles.com > > > > > No.1 Exchange Server Resource Site: > > > > http://www.msexchange.org Windows > > > > > Security Resource Site: > > > > > http://www.windowsecurity.com/ Network Security Library: > > > > > http://www.secinf.net/ Windows 2000/NT Fax Solutions: > > > > > http://www.ntfaxfaq.com > > > > > ------------------------------------------------------ > > > > > You are currently subscribed to this ISAserver.org > > > > Discussion List as: > > > > > ahendriks@xxxxxx To unsubscribe visit > > > > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > > > > > > > > ------------------------------------------------------ > > > > List Archives: > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > > ISA Server Newsletter: > > http://www.isaserver.org/pages/newsletter.asp > > > > ISA Server FAQ: > > http://www.isaserver.org/pages/larticle.asp?type=FAQ > > > > ------------------------------------------------------ > > > > Other Internet Software Marketing Sites: > > > > World of Windows Networking: > > > http://www.windowsnetworking.com Leading > > > > Network Software Directory: http://www.serverfiles.com > > > > No.1 Exchange Server Resource Site: > > > http://www.msexchange.org Windows > > > > Security Resource Site: http://www.windowsecurity.com/ Network > > > > Security Library: http://www.secinf.net/ Windows 2000/NT Fax > > > > Solutions: http://www.ntfaxfaq.com > > > > ------------------------------------------------------ > > > > You are currently subscribed to this ISAserver.org > > > Discussion List as: > > > > jim@xxxxxxxxxxxx > > > > To unsubscribe visit > > > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > > > All mail to and from this domain is GFI-scanned. > > > > > > > > > > > > ------------------------------------------------------ > > > > List Archives: > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > > ISA Server Newsletter: > > http://www.isaserver.org/pages/newsletter.asp > > > > ISA Server FAQ: > > http://www.isaserver.org/pages/larticle.asp?type=FAQ > > > > ------------------------------------------------------ > > > > Other Internet Software Marketing Sites: > > > > World of Windows Networking: > > > http://www.windowsnetworking.com Leading > > > > Network Software Directory: http://www.serverfiles.com > > > > No.1 Exchange Server Resource Site: > > > http://www.msexchange.org Windows > > > > Security Resource Site: http://www.windowsecurity.com/ Network > > > > Security Library: http://www.secinf.net/ Windows 2000/NT Fax > > > > Solutions: http://www.ntfaxfaq.com > > > > ------------------------------------------------------ > > > > You are currently subscribed to this ISAserver.org > > > Discussion List as: > > > > ahendriks@xxxxxx To unsubscribe visit > > > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > > > > > ------------------------------------------------------ > > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > ISA Server Newsletter: > http://www.isaserver.org/pages/newsletter.asp > > > ISA Server FAQ: > http://www.isaserver.org/pages/larticle.asp?type=FAQ > > > ------------------------------------------------------ > > > Other Internet Software Marketing Sites: > > > World of Windows Networking: > > http://www.windowsnetworking.com Leading > > > Network Software Directory: http://www.serverfiles.com > > > No.1 Exchange Server Resource Site: > > http://www.msexchange.org Windows > > > Security Resource Site: > > > http://www.windowsecurity.com/ Network Security Library: > > > http://www.secinf.net/ Windows 2000/NT Fax Solutions: > > > http://www.ntfaxfaq.com > > > ------------------------------------------------------ > > > You are currently subscribed to this ISAserver.org > > Discussion List as: > > > jim@xxxxxxxxxxxx > > > To unsubscribe visit > > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > All mail to and from this domain is GFI-scanned. > > > > > > > > > ------------------------------------------------------ > > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > ISA Server Newsletter: > http://www.isaserver.org/pages/newsletter.asp > > > ISA Server FAQ: > http://www.isaserver.org/pages/larticle.asp?type=FAQ > > > ------------------------------------------------------ > > > Other Internet Software Marketing Sites: > > > World of Windows Networking: > > http://www.windowsnetworking.com Leading > > > Network Software Directory: http://www.serverfiles.com > > > No.1 Exchange Server Resource Site: > > http://www.msexchange.org Windows > > > Security Resource Site: > > > http://www.windowsecurity.com/ Network Security Library: > > > http://www.secinf.net/ Windows 2000/NT Fax Solutions: > > > http://www.ntfaxfaq.com > > > ------------------------------------------------------ > > > You are currently subscribed to this ISAserver.org > > Discussion List as: > > > ahendriks@xxxxxx To unsubscribe visit > > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > All mail to and from this domain is GFI-scanned. > >