RE: ISA 2004 blocking XP local loopback
- From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 16 Jan 2006 09:07:23 -0800
This says that IE is failing to obtain the configuration script.
It gets dumped into the cache with a 1-hour TTL.
If you would, send me a capture of a "clean" IE start?
1. Open Netmon (Ethereal) & start capturing.
2. Start | Run | cmd
3. type 'ipconfig/flushdns & nbtstat -R & del ..\array*.script /s & start
http://isatools.org'
4. stop the capture
Send it off...
-------------------------------------------------------
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org
Read the help / books / articles!
-------------------------------------------------------
-----Original Message-----
From: Eric Poole [mailto:EPoole@xxxxxxxxxxxxxxxxxxxx]
Sent: Monday, January 16, 2006 08:49
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2004 blocking XP local loopback
http://www.ISAserver.org
Ok, here's the results.
The del command got rid of a ton of scripts from the temporary internet files.
After launching IE and running the dir command I get file not found.
_______________________________________________
Eric Poole, CISSP
Senior Information Security Analyst
Community Medical Centers
1140 "T" Street, Fresno, California 93721
559-459-6784 (phone) 559-459-2045 (fax)
-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Saturday, January 14, 2006 12:36 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2004 blocking XP local loopback
http://www.ISAserver.org
I might have considered that if the error was not IE-generated as opposed to
some AX control or user-side script error.
Here's the upshot...
IE attempts to make a proxy connection for any IP address (yes, including
127/8) when it's configured as either:
1. "auto-detect" or "config url" and either
- no script is received
- the script forces this behavior
2. "use a proxy server" and "bypass" is unchecked
Eric also stated that IE was configured to obtain the script from
http://fchap082.cmcinet.org:8080/array.dll?Get.Routing.Script.
This is why I was interested in the contents of the script.
I did lie, though - the file to be searched for and deleted was not
"array.dll", but "array*.script".
Eric, could you retry with that filename?
--------------------------------------------
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org
Read the help / books / articles!
--------------------------------------------
-----Original Message-----
From: Young, Gerald G [mailto:Gerald.Young@xxxxxxxxxx]
Sent: Saturday, January 14, 2006 11:17 AM
To: [ISAserver.org Discussion List]
Subject: RE: [isalist] RE: ISA 2004 blocking XP local loopback
Eric stated he was connecting to a database via IE. While IE is the client,
there still needs to be some kind of interface with the database, most likely a
user or system DSN. And while the command may not have worked it's 1) easy to
execute and 2) easy to revert from if it doesn't work.
Nothing wrong with testing. :) Afterall, even if it doesn't work, you now know
WinHTTP isn't a problem, which allows you to remove it with certainty from the
realm of possible causes.
Cordially yours,
Jerry G. Young II
MCSE (4.0/W2K)
Atlanta EES Implementation Team Lead
HHS Engineering
Unisys
11493 Sunset Hills Rd.
Reston, VA 20190
Office: 703-579-2727
Cell: 703-625-1468
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you received
this in error, please contact the sender and delete the e-mail and its
attachments from all computers.
________________________________
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Sat 1/14/2006 12:11 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2004 blocking XP local loopback
http://www.ISAserver.org <http://www.ISAserver.org/>
IE still uses WinInet and proxycfg only affects WinHTTP.
That commands while useful for WinHTTP-based clients (BITS, OL2K3, etc.) and is
completely useless for IE-based connections.
--------------------------------------------
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org <http://isatools.org/> Read the help / books / articles!
--------------------------------------------
-----Original Message-----
From: Young, Gerald G [mailto:Gerald.Young@xxxxxxxxxx]
Sent: Friday, January 13, 2006 1:06 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2004 blocking XP local loopback
http://www.ISAserver.org <http://www.ISAserver.org/>
Eric,
Here's one other thing to try. At the command prompt, execute the following
command:
proxycfg -p <web proxy ip:port>
If that doesn't work, use the following command to reset it:
proxycfg -d
Cordially yours,
Jerry G. Young II
MCSE (4.0/W2K)
Atlanta EES Implementation Team Lead
HHS Engineering
Unisys
11493 Sunset Hills Rd.
Reston, VA 20190
Office: 703-579-2727
Cell: 703-625-1468
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you received
this in error, please contact the sender and delete the e-mail and its
attachments from all computers.
-----Original Message-----
From: Eric Poole [mailto:EPoole@xxxxxxxxxxxxxxxxxxxx]
Sent: Friday, January 13, 2006 3:53 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2004 blocking XP local loopback
http://www.ISAserver.org <http://www.ISAserver.org/>
Hmmm, here's what I get, keep in mind that everything else works like it should.
When I type the del command I get "Could Not Find C:\*array.dll*"
After I reload the script and type the dir command I get "File Not Found"
Same thing if I change it to "Automatically detect proxy server" and type dir,
I get "File Not Found".
Like I said, everything else is working as it should. It has to be getting the
correct script changes. I can see the traffic change from one ISA to the next
as I change script settings.
-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Friday, January 13, 2006 12:27 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2004 blocking XP local loopback
http://www.ISAserver.org <http://www.ISAserver.org/>
Nope - that won't work in this case.
Eric, do you know for certain that the browser is getting the wpad script?
You can tell by:
1. close all IE sessions
2. open a cmd window
3. type 'del \*array.dll* /s'
4. open IE and retry the connection
In the cmd window type 'dir \*array.dll* /s'
..do you see any new scripts?
-------------------------------------------------------
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org <http://isatools.org/>
Read the help / books / articles!
-------------------------------------------------------
-----Original Message-----
From: Mark Morgan [mailto:MMorgan@xxxxxxxxxxxxxxxxxxxxx]
Sent: Friday, January 13, 2006 12:20
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2004 blocking XP local loopback
http://www.ISAserver.org <http://www.ISAserver.org/>
http://support.microsoft.com/kb/262981/?sd=RMVP
Thank You
Mark J Morgan
Palm Drive Hospital
501 Petaluma Ave. Sebastopol, Ca. 95472
Email: mmorgan@xxxxxxxxxxxxxxxxxxxxx
Voice: (707) 829-4242
Fax: (707) 829-4112
Mobile (707) 849-5576
IMPORTANT Notice: The information contained in this e-mail, including any
attachments or other embedded messages, is legally privileged and confidential
and is intended only for the use of the individual or entity to whom it is
addressed. If the reader of this message is not the intended recipient or an
agent responsible for delivering it to the intended recipient, you are hereby
notified that any viewing, dissemination, distribution, retransmitting, or
copying of this e-mail message is strictly prohibited. If you have received
and/or are viewing this e-mail in error, please notify the sender immediately
by reply e-mail, and delete this and all copies of this communication from your
systems. Thank you.
-----Original Message-----
From: Eric Poole [mailto:EPoole@xxxxxxxxxxxxxxxxxxxx]
Sent: Friday, January 13, 2006 12:02 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2004 blocking XP local loopback
http://www.ISAserver.org <http://www.ISAserver.org/>
Oops, sorry.
"Use automatic configuration script" is checked and the default address that
ISA creates is in for the address.
Example - ISA 2004 -
http://fchap082.cmcinet.org:8080/array.dll?Get.Routing.Script
-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Friday, January 13, 2006 11:57 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2004 blocking XP local loopback
http://www.ISAserver.org <http://www.ISAserver.org/>
..and the proxy settings?
-------------------------------------------------------
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org <http://isatools.org/>
Read the help / books / articles!
-------------------------------------------------------
-----Original Message-----
From: Eric Poole [mailto:EPoole@xxxxxxxxxxxxxxxxxxxx]
Sent: Friday, January 13, 2006 11:32
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2004 blocking XP local loopback
http://www.ISAserver.org <http://www.ISAserver.org/>
It's a local database that is accessed via http://127.0.0.1:8080
<http://127.0.0.1:8080/> in IE.
_______________________________________________
Eric Poole, CISSP
Senior Information Security Analyst
Community Medical Centers
1140 "T" Street, Fresno, California 93721
559-459-6784 (phone) 559-459-2045 (fax)
-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Friday, January 13, 2006 11:08 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2004 blocking XP local loopback
http://www.ISAserver.org <http://www.ISAserver.org/>
What is the application; IE, Firefox, etc.?
What are the proxy settings on that app?
-------------------------------------------------------
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org <http://isatools.org/>
Read the help / books / articles!
-------------------------------------------------------
-----Original Message-----
From: Eric Poole [mailto:EPoole@xxxxxxxxxxxxxxxxxxxx]
Sent: Friday, January 13, 2006 10:15
To: [ISAserver.org Discussion List]
Subject: [islist] ISA 2004 blocking XP local loopback
http://www.ISAserver.org <http://www.ISAserver.org/>
Ok, I've been looking for the answer to this for about 45min. Why would ISA
2004 block a workstation from getting to 127.0.0.1? Same workstation going
through ISA 2000 is able to access it's local loopback. Someone enlighten me
please!
_______________________________________________
Eric Poole, CISSP
Senior Information Security Analyst
Community Medical Centers <http://communitymedical.org/> 1140 "T"
Street, Fresno, California 93721
559-459-6784 (phone) 559-459-2045 (fax)
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com <http://www.techgenix.com/>
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
gerald.young@xxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
epoole@xxxxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
-------------------------------------------------------
WARNING/CONFIDENTIAL:
-------------------------------------------------------
This email, including attachments, may contain information that is privileged,
confidential, and/or exempt from disclosure under applicable law (including,
but not limited to, protected health information). It is not intended for
transmission to, or receipt by, any unauthorized persons. If the reader of
this message is not the intended recipient you are hereby notified that any
dissemination, distribution or copying of this communication is strictly
prohibited. If you believe this email was sent to you in error, do not read
it. Reply to the sender informing them of the error and then destroy all
copies and attachments of the message from your system. Thank you.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
Other related posts: