RE: Java problems.

• From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Wed, 29 Dec 2004 08:37:56 -0800

Nothing you've offered changes my observations or the questions I asked.
Yes, it's likely an ISA configuration issue; this is why I asked where the rule 
sits in the rule order.
Have you examined the ISA logs to see what the ISA response to those 
connections was?
-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org
   Read the help / books / articles!
-------------------------------------------------------
 

-----Original Message-----
From: AHendriks@xxxxxx [mailto:AHendriks@xxxxxx] 
Sent: Wednesday, December 29, 2004 02:45
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Java problems.

http://www.ISAserver.org

Normaly behavoir is that all users who have access to the internet needs
to authenticate before they can use the internet, so my default setup
was that alle users from a specific domain group have internet access.

This behavoir happens on a NT workstation, with a XP workstation, the
problem doesn't exist.

The site the users connecting to is a external site, so i'm unable to
change the external site, and when i connect with a xp workstation, i
don't have to authenticate on the external web site, so i think they
don't use NTLM authentication.

Cause of an other problem which i have posted here, i have disabled the
rule for anonymous access to the site, so the problem raised again.

With the proxy 2.0 server which we used before, we have no problems with
the site, so i think it's a configuration problem within ISA 2004.

An other expirence which i had with the migration from proxy to isa, was
that i alway coud make use of the ftp protocol, but when chaning the
settings to the isa server, i was unable to use it, after adding my self
to the domain ftp group (which includes all users with ftp access), i
was able to ftp again.

Arjan

> 99 times out of 10, this is an authentication issue.
> Where does this rule sit in the overall order?
> If you have any authenticated rules before this, your Java 
> app will likely fail.
> As you can see from your rule, allowing anonymous (all users) 
> makes this traffic work.
> Check with your Java runtime authors to see if they have an 
> update that supports Integrated (NTLM) authentication.
> 
> -----Original Message-----
> From: AHendriks@xxxxxx [mailto:AHendriks@xxxxxx]
> Sent: Monday, December 27, 2004 01:25
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Java problems.
> 
> http://www.ISAserver.org
> 
> When a user tries to connect to a site witch uses java, not 
> the whole screen is displays, the user is using Windows NT 
> with IE 5.5, when i try to reach the site everything goes 
> well, i'm using XP with IE 6, i need to turn off pop-ups for the site.
> 
> I have created a rule for the site, so that the site can be 
> reached anonymous, all the other sites needs to be 
> authenticated. When the user tries again, there are no 
> problems with the site, i have wrote the following rule:
> 
> Name          Overheid.nl
> Action        Allow
> Protocols     HTTP/HTTPS
> From          Local,Internal
> To            overheid.nl (domain name set)
> Users         All Users 
> Schedule      Always
> 
> I'm running ISA 2004 as a proxy server only.

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

All mail to and from this domain is GFI-scanned.

Other related posts:

• » Java problems.
• » RE: Java problems.
• » RE: Java problems.
• » RE: Java problems.
• » RE: Java problems.
• » RE: Java problems.
• » RE: Java problems.
• » RE: Java problems.

1. Home
2. isalist
3. Archive
4. 12-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---