> Hi Dan, > > 1) If your client access the unwanted monitor site through ISA > (ISA is a router between two subnet), you need to set unmonitored > site at SWF > 2) If your client can access the site by another route without need > to go thourgh ISA, then you shall deploy direct access for > client depending on client type (WPC or FWC). It has nothing to > do with SWF setting. > ----- Original Message ----- > From: "Ball, Dan" <DBall@xxxxxxxxxxx> > To: <isalist@xxxxxxxxxxxxx> > Sent: Tuesday, August 22, 2006 10:44 AM > Subject: [isalist] Re: SurfControl/Direct Access... > > >> http://www.ISAserver.org >> ------------------------------------------------------- >> >> Yes they are. >> >> -----Original Message----- >> From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] >> On Behalf Of Thomas W Shinder >> Sent: Monday, August 21, 2006 10:31 PM >> To: isalist@xxxxxxxxxxxxx >> Subject: [isalist] Re: SurfControl/Direct Access... >> >> http://www.ISAserver.org >> ------------------------------------------------------- >> >> Are the Web proxy clients configured to use the autoconfiguration >> script? >> >> Thomas W Shinder, M.D. >> Site: www.isaserver.org >> Blog: http://blogs.isaserver.org/shinder/ >> Book: http://tinyurl.com/3xqb7 >> MVP -- ISA Firewalls >> >> >> >>> -----Original Message----- >>> From: isalist-bounce@xxxxxxxxxxxxx >>> [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Ball, Dan >>> Sent: Monday, August 21, 2006 9:25 PM >>> To: isalist@xxxxxxxxxxxxx >>> Subject: [isalist] Re: SurfControl/Direct Access... >>> >>> http://www.ISAserver.org >>> ------------------------------------------------------- >>> >>> I've been digging through my archives for the last hour, and >>> cannot find >>> what I remember... Maybe it's just my old-age kicking in, and I'm >>> remembering things that didn't happen... >>> >>> Anyways, I've gone through the Direct Access settings over >>> and over, and >>> cannot find what might be wrong. Only thing I can think of is the >>> wpad/wspad settings... >>> >>> >>> -----Original Message----- >>> From: isalist-bounce@xxxxxxxxxxxxx >>> [mailto:isalist-bounce@xxxxxxxxxxxxx] >>> On Behalf Of Thomas W Shinder >>> Sent: Monday, August 21, 2006 10:00 PM >>> To: isalist@xxxxxxxxxxxxx >>> Subject: [isalist] Re: SurfControl/Direct Access... >>> >>> http://www.ISAserver.org >>> ------------------------------------------------------- >>> >>> Hi Dan, >>> >>> For internal connections, Direct Access is entirely a client function. >>> ISA is never in the picture. >>> >>> Tom >>> >>> Thomas W Shinder, M.D. >>> Site: www.isaserver.org >>> Blog: http://blogs.isaserver.org/shinder/ >>> Book: http://tinyurl.com/3xqb7 >>> MVP -- ISA Firewalls >>> >>> >>> >>> > -----Original Message----- >>> > From: isalist-bounce@xxxxxxxxxxxxx >>> > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Ball, Dan >>> > Sent: Monday, August 21, 2006 8:36 PM >>> > To: isalist@xxxxxxxxxxxxx >>> > Subject: [isalist] Re: SurfControl/Direct Access... >>> > >>> > http://www.ISAserver.org >>> > ------------------------------------------------------- >>> > >>> > That is what we were talking about, it IS configured for >>> > direct access, >>> > but no matter what I do the traffic shows up as passing >>> > through the ISA >>> > server. I seem to recall discussing this with you before, >>> and it was >>> > determined that SurfControl had basically disabled the Direct >>> > Access. >>> > >>> > Geesh, now you got me wondering what was really said. I'll >>> > have to dig >>> > through my e-mail archives to find out what we talked about >>> > last time... >>> > >>> > -----Original Message----- >>> > From: isalist-bounce@xxxxxxxxxxxxx >>> > [mailto:isalist-bounce@xxxxxxxxxxxxx] >>> > On Behalf Of Thomas W Shinder >>> > Sent: Monday, August 21, 2006 8:12 PM >>> > To: isalist@xxxxxxxxxxxxx >>> > Subject: [isalist] Re: SurfControl/Direct Access... >>> > >>> > http://www.ISAserver.org >>> > ------------------------------------------------------- >>> > >>> > Hi Dan, >>> > >>> > To solve that problem you need to enable Direct Access to >>> the internal >>> > sites. >>> > >>> > Tom >>> > >>> > Thomas W Shinder, M.D. >>> > Site: www.isaserver.org >>> > Blog: http://blogs.isaserver.org/shinder/ >>> > Book: http://tinyurl.com/3xqb7 >>> > MVP -- ISA Firewalls >>> > >>> > >>> > >>> > > -----Original Message----- >>> > > From: isalist-bounce@xxxxxxxxxxxxx >>> > > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Ball, Dan >>> > > Sent: Monday, August 21, 2006 6:56 PM >>> > > To: isalist@xxxxxxxxxxxxx >>> > > Subject: [isalist] Re: SurfControl/Direct Access... >>> > > >>> > > http://www.ISAserver.org >>> > > ------------------------------------------------------- >>> > > >>> > > Yes, that was the problem we were running into. Surfcontrol was >>> > > "automatically" monitoring every user that browsed our published >>> > > webserver from the Internet, making the saved history >>> > > database useless. >>> > > I'd go in and deselect all the external hostnames, tell >>> > > SurfControl not >>> > > to monitor them, and the next day I'd have a couple hundred >>> > more to do >>> > > it all over again. It proved to be quite tedious since >>> I'd have to >>> > > browse through that narrow list box to select all the >>> > hostnames, stop >>> > > the database, save the changes, and start it again. >>> > > >>> > > I finally fixed that by stopping it from monitoring port >>> 80, now it >>> > > monitors only port 8080, the proxy port. That seems to be >>> > > working now, >>> > > the only ones "automatically" monitored are the users using >>> > the proxy, >>> > > which is who we want to monitor anyways. >>> > > >>> > > But, that doesn't solve the problem I have now, the >>> requests really >>> > > "shouldn't" be passing through the ISA server in the first >>> > > place if they >>> > > are going to the webserver on the same internal subnet. >>> > > >>> > > >>> > > -----Original Message----- >>> > > From: isalist-bounce@xxxxxxxxxxxxx >>> > > [mailto:isalist-bounce@xxxxxxxxxxxxx] >>> > > On Behalf Of Crockett, Gregory >>> > > Sent: Monday, August 21, 2006 6:49 PM >>> > > To: isalist@xxxxxxxxxxxxx >>> > > Subject: [isalist] Re: SurfControl/Direct Access... >>> > > >>> > > http://www.ISAserver.org >>> > > ------------------------------------------------------- >>> > > >>> > > Add the sites to "unmonitored sites" found under the monitor >>> > > application/monitored data tab. There, you should list all >>> > > sites and ip >>> > > addresses of all host that you do not want monitored. This >>> > > includes web >>> > > enabled devices (switches, etc.) that are accessed >>> through isa from >>> > > Internal to internal networks. If not, they (users either >>> > > authenticated >>> > > or unauthenticated) will eat at your license count. >>> > > >>> > > greg >>> > > >>> > > Sent from mobile Outlook. >>> > > >>> > > -----Original Message----- >>> > > From: "Ball, Dan" <DBall@xxxxxxxxxxx> >>> > > To: "isalist@xxxxxxxxxxxxx" <isalist@xxxxxxxxxxxxx> >>> > > Sent: 8/21/06 2:19 PM >>> > > Subject: [isalist] SurfControl/Direct Access... >>> > > >>> > > Tom, what is the current status of Direct Access when used in >>> > > conjunction with SurfControl? I remember you saying >>> > > something about it >>> > > before, but I can't find my e-mails on it. I was working with >>> > > SurfControl quite a bit last week, trying to work out some of >>> > > the bugs, >>> > > and thought it would be really nice if I can get the local >>> > web traffic >>> > > to stop going through the ISA server also. >>> > > >>> > > >>> > > >>> > > I finally figured out a way to get it to stop monitoring >>> > > users from the >>> > > Internet, so that helps. SurfControl support seemed >>> > surprised that it >>> > > was doing that... >>> > > >>> > > >>> > > >>> > > ------------------------------------------------------ >>> > > List Archives: //www.freelists.org/archives/isalist/ >>> > > ISA Server Newsletter: >>> > http://www.isaserver.org/pages/newsletter.asp >>> > > ISA Server Articles and Tutorials: >>> > > http://www.isaserver.org/articles_tutorials/ >>> > > ISA Server Blogs: http://blogs.isaserver.org/ >>> > > ------------------------------------------------------ >>> > > Visit TechGenix.com for more information about our other sites: >>> > > http://www.techgenix.com >>> > > ------------------------------------------------------ >>> > > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp >>> > > Report abuse to listadmin@xxxxxxxxxxxxx >>> > > >>> > > ------------------------------------------------------ >>> > > List Archives: //www.freelists.org/archives/isalist/ >>> > > ISA Server Newsletter: >>> > http://www.isaserver.org/pages/newsletter.asp >>> > > ISA Server Articles and Tutorials: >>> > > http://www.isaserver.org/articles_tutorials/ >>> > > ISA Server Blogs: http://blogs.isaserver.org/ >>> > > ------------------------------------------------------ >>> > > Visit TechGenix.com for more information about our other sites: >>> > > http://www.techgenix.com >>> > > ------------------------------------------------------ >>> > > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp >>> > > Report abuse to listadmin@xxxxxxxxxxxxx >>> > > >>> > > >>> > > >>> > ------------------------------------------------------ >>> > List Archives: //www.freelists.org/archives/isalist/ >>> > ISA Server Newsletter: >>> http://www.isaserver.org/pages/newsletter.asp >>> > ISA Server Articles and Tutorials: >>> > http://www.isaserver.org/articles_tutorials/ >>> > ISA Server Blogs: http://blogs.isaserver.org/ >>> > ------------------------------------------------------ >>> > Visit TechGenix.com for more information about our other sites: >>> > http://www.techgenix.com >>> > ------------------------------------------------------ >>> > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp >>> > Report abuse to listadmin@xxxxxxxxxxxxx >>> > >>> > ------------------------------------------------------ >>> > List Archives: //www.freelists.org/archives/isalist/ >>> > ISA Server Newsletter: >>> http://www.isaserver.org/pages/newsletter.asp >>> > ISA Server Articles and Tutorials: >>> > http://www.isaserver.org/articles_tutorials/ >>> > ISA Server Blogs: http://blogs.isaserver.org/ >>> > ------------------------------------------------------ >>> > Visit TechGenix.com for more information about our other sites: >>> > http://www.techgenix.com >>> > ------------------------------------------------------ >>> > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp >>> > Report abuse to listadmin@xxxxxxxxxxxxx >>> > >>> > >>> > >>> ------------------------------------------------------ >>> List Archives: //www.freelists.org/archives/isalist/ >>> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp >>> ISA Server Articles and Tutorials: >>> http://www.isaserver.org/articles_tutorials/ >>> ISA Server Blogs: http://blogs.isaserver.org/ >>> ------------------------------------------------------ >>> Visit TechGenix.com for more information about our other sites: >>> http://www.techgenix.com >>> ------------------------------------------------------ >>> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp >>> Report abuse to listadmin@xxxxxxxxxxxxx >>> >>> ------------------------------------------------------ >>> List Archives: //www.freelists.org/archives/isalist/ >>> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp >>> ISA Server Articles and Tutorials: >>> http://www.isaserver.org/articles_tutorials/ >>> ISA Server Blogs: http://blogs.isaserver.org/ >>> ------------------------------------------------------ >>> Visit TechGenix.com for more information about our other sites: >>> http://www.techgenix.com >>> ------------------------------------------------------ >>> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp >>> Report abuse to listadmin@xxxxxxxxxxxxx >>> >>> >>> >> ------------------------------------------------------ >> List Archives: //www.freelists.org/archives/isalist/ >> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp >> ISA Server Articles and Tutorials: >> http://www.isaserver.org/articles_tutorials/ >> ISA Server Blogs: http://blogs.isaserver.org/ >> ------------------------------------------------------ >> Visit TechGenix.com for more information about our other sites: >> http://www.techgenix.com >> ------------------------------------------------------ >> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp >> Report abuse to listadmin@xxxxxxxxxxxxx >> >> ------------------------------------------------------ >> List Archives: //www.freelists.org/archives/isalist/ >> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp >> ISA Server Articles and Tutorials: >> http://www.isaserver.org/articles_tutorials/ >> ISA Server Blogs: http://blogs.isaserver.org/ >> ------------------------------------------------------ >> Visit TechGenix.com for more information about our other sites: >> http://www.techgenix.com >> ------------------------------------------------------ >> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp >> Report abuse to listadmin@xxxxxxxxxxxxx >> >>