http://www.ISAserver.org
-------------------------------------------------------
No the outbound http rule applies to a ad users group, not all users
----- Original Message -----
From: "Jim Harrison" <jim@xxxxxxxxxxxx>
To: <isalist@xxxxxxxxxxxxx>
Sent: Tuesday, August 08, 2006 1:50 PM
Subject: [isalist] Re: NTLM proxy authentication with Linux
http://www.ISAserver.org -------------------------------------------------------
That's because your rules are anonymous.
Sent to you from Black Hat Las Vegas via WM5-enabled PPC-phone
-----Original Message----- From: "Greg Mulholland" <gmulholland@xxxxxxxxxxxx> To: isalist@xxxxxxxxxxxxx Sent: 8/7/06 18:57 Subject: [isalist] Re: NTLM proxy authentication with Linux
http://www.ISAserver.org -------------------------------------------------------
not sure whether its single its the limitation of my single nic solution or not but that doesnt work.
If i untick the "require all users.." button then any users in that group (ad users group) are allowed un authenticated access.
Greg
http://www.ISAserver.org -------------------------------------------------------
Nope. You can have authentication without forcing it at the listener. It's called "user-based rules".
------------------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! -------------------------------------------------------
-----Original Message----- From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Greg Mulholland Sent: Monday, August 07, 2006 16:21 To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: NTLM proxy authentication with Linux
http://www.ISAserver.org -------------------------------------------------------
Then my authentication group which is a requirement becomes null and void as the authentication isnt checked. so that doesnt work for me
Greg ----- Original Message ----- From: "Jim Harrison" <Jim@xxxxxxxxxxxx> To: <isalist@xxxxxxxxxxxxx> Sent: Tuesday, August 08, 2006 1:11 AM Subject: [isalist] Re: NTLM proxy authentication with Linux
http://www.ISAserver.org -------------------------------------------------------
Disable "require all users..." on the outbound web listener. If you can't, then you can't have anonymous traffic through it.
------------------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isas
All mail to and from this domain is GFI-scanned.
