Nope, it applies to outbound connections. Are these streaming media hosts internal?? ----- Robert Bosch Corporation Technical Systems Analyst (RBNA/CSA1) Corporate Sales Reporting Systems 38000 Hills Tech Drive - Farmington Hills, MI 48331 - USA phone: 1 (248) 553-1164 fax: 1 (248) 848-6969 shawn.quillman@xxxxxxxxxxxx http://www.bosch.us -----Original Message----- From: Ball, Dan [mailto:DBall@xxxxxxxxxxx] Sent: Wednesday, June 15, 2005 5:02 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Proxy Authentication - Streaming Media http://www.ISAserver.org 4. I'm not sure what you mean. I can set Basic Authentication via Web Listeners, but that only applies to inbound connections. The rule allowing web access (and a separate one for Streaming Media protocols) is applied only to a User Set that contains the relevant AD groups. There is no option to use Basic Authentication. What am I missing? 5. No, not really. They don't need to authenticate to access internal resources, but then they aren't passing through the ISA server, so no rule is necessary. Almost all other rules require authentication. There is only one rule with "All Users" defined, and that is for the Ping protocol. -----Original Message----- From: Quillman Shawn (RBNA/CSA1) * [mailto:Shawn.Quillman@xxxxxxxxxxxx] Sent: Wednesday, June 15, 2005 16:46 To: [ISAserver.org Discussion List] Subject: [isalist] RE: Proxy Authentication - Streaming Media http://www.ISAserver.org 4) Do you have Basic authentication turned on? 5) Do you have rules that allow all users access to some things? ----- Robert Bosch Corporation Technical Systems Analyst (RBNA/CSA1) Corporate Sales Reporting Systems 38000 Hills Tech Drive - Farmington Hills, MI 48331 - USA phone: 1 (248) 553-1164 fax: 1 (248) 848-6969 shawn.quillman@xxxxxxxxxxxx http://www.bosch.us -----Original Message----- From: Ball, Dan [mailto:DBall@xxxxxxxxxxx] Sent: Wednesday, June 15, 2005 3:48 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Proxy Authentication - Streaming Media http://www.ISAserver.org No, we have completely different scenario. All users are part of "one" domain, anyone from the internal network attempting to do anything outside of our network has to be authenticated with AD to make sure they are part of the group that allows them to go online. I think I'll have to find a specific site and get some log entries to see what is going on. I haven't worked on that problem since January, so don't remember the details of what I found/didn't find. I've just been telling people to type in their credentials until I can find a fix. -----Original Message----- From: JosephK [mailto:josephk@xxxxxxxxx] Sent: Wednesday, June 15, 2005 15:33 To: [ISAserver.org Discussion List] Subject: [isalist] RE: Proxy Authentication - Streaming Media http://www.ISAserver.org Hi Dan, I'm not sure if this is your scenario or not. But, I have multiple sites/domains and I have my system setup so that I can add users to different domains and when the chance arises for adding new email I can select @domain1.com, @domain2.com etc. So, when my domain is internal.com and someone wants to connect out and is really part of domain1.com they have to enter credentials the same for my exchange server. if they want to connect to the exchange server domain1\username1 and then password. For me and the uses that have it's not been a big issue. When someone is local then they don't have to enter credentials. Joseph ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: shawn.quillman@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx