Hi Thomas, I join the internal ISA box in my back to back to the domain. The front end ISA box isn't joined to the domain. And I agree that the front end really doesn't need to be added to a domain. Joseph -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: Wednesday, July 20, 2005 5:33 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: automatically detect isa server problem http://www.ISAserver.org ARRRGGG! Join that ISA firewall to the domain ASAP. It's a more secure config and then your Firewall clients will work (which is just one of the many reasons why a domain joined ISA firewall is more secure). I always join ISA firewalls to the domain when appropriate. The only time when it wouldn't provide an enhanced security posture is in a back to back config, when the front end isn't doing any auth chores and you're running an anonymous access DMZ between the front end and back end. HTH, Tom www.isaserver.org/shinder Tom and Deb Shinder's Configuring ISA Server 2004 http://tinyurl.com/3xqb7 MVP -- ISA Firewalls > -----Original Message----- > From: jankees [mailto:jankees@xxxxxxx] On Behalf Of info > Sent: Wednesday, July 20, 2005 7:29 AM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: automatically detect isa server problem > > http://www.ISAserver.org > > Firewall is a standalone server. (not member of any domain) Client is > not member of any domain. > DNS server is AD domain controller. (this is my personal exchange > server, hence the AD.....) > > -----Original Message----- > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] > Sent: Wednesday, July 20, 2005 2:19 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: automatically detect isa server problem > > http://www.ISAserver.org > > Hi Info, > > Are the clients members of the same domain as the ISA firewall? > > Tom > www.isaserver.org/shinder > Tom and Deb Shinder's Configuring ISA Server 2004 > http://tinyurl.com/3xqb7 > MVP -- ISA Firewalls > > > > > -----Original Message----- > > From: jankees [mailto:jankees@xxxxxxx] On Behalf Of info > > Sent: Wednesday, July 20, 2005 7:15 AM > > To: [ISAserver.org Discussion List] > > Subject: [isalist] RE: automatically detect isa server problem > > > > http://www.ISAserver.org > > > > It takes about 4 seconds before it syas: Failed to detect > ISA Server. > > > > -----Original Message----- > > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] > > Sent: Wednesday, July 20, 2005 2:06 PM > > To: [ISAserver.org Discussion List] > > Subject: [isalist] RE: automatically detect isa server problem > > > > http://www.ISAserver.org > > > > Hi Info, > > > > OK, sounds good so far. > > > > What happens when you click Detect Now? > > > > Tom > > www.isaserver.org/shinder > > Tom and Deb Shinder's Configuring ISA Server 2004 > > http://tinyurl.com/3xqb7 > > MVP -- ISA Firewalls > > > > > > > > > -----Original Message----- > > > From: jankees [mailto:jankees@xxxxxxx] On Behalf Of info > > > Sent: Wednesday, July 20, 2005 6:57 AM > > > To: [ISAserver.org Discussion List] > > > Subject: [isalist] RE: automatically detect isa server problem > > > > > > http://www.ISAserver.org > > > > > > > > > The configuration must almost be correct, since the > autodetect does > > > work, after I do an explicit "ping wpad" from the client. > > > > > > > > > > > > Dns is setup as follows: > > > > > > Wpad alias (cname) boss_lan.fels.us > > > Boss_lan host (A) 10.1.0.1 > > > Boss_dmz host (A) 10.2.0.1 > > > > > > Default gateway of the client is 10.1.0.1 > > > > > > Client is on the "Internal" network. > > > > > > "Internal" network settings on isa firewall: > > > > > > Firewall client support is enabled. > > > Isa server name is set to "boss_lan.fels.us" > > > Automatically detect settings is selected. > > > > > > Publish automatic discovery information is selected, > default port 80 > > > > > > -----Original Message----- > > > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] > > > Sent: Wednesday, July 20, 2005 1:26 PM > > > To: [ISAserver.org Discussion List] > > > Subject: [isalist] RE: automatically detect isa server problem > > > > > > http://www.ISAserver.org > > > > > > What are they? > > > > > > Tom > > > www.isaserver.org/shinder > > > Tom and Deb Shinder's Configuring ISA Server 2004 > > > http://tinyurl.com/3xqb7 > > > MVP -- ISA Firewalls > > > > > > > > > > > > > -----Original Message----- > > > > From: jankees [mailto:jankees@xxxxxxx] On Behalf Of info > > > > Sent: Wednesday, July 20, 2005 6:22 AM > > > > To: [ISAserver.org Discussion List] > > > > Subject: [isalist] RE: automatically detect isa server problem > > > > > > > > http://www.ISAserver.org > > > > > > > > Hi there, > > > > > > > > I believe they are correct. What can I do? > > > > > > > > -----Original Message----- > > > > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] > > > > Sent: Wednesday, July 20, 2005 1:12 PM > > > > To: [ISAserver.org Discussion List] > > > > Subject: [isalist] RE: automatically detect isa server problem > > > > > > > > http://www.ISAserver.org > > > > > > > > Hi Info, > > > > > > > > Sounds like the Firewall client listener settings aren't > > configured > > > > correctly. > > > > > > > > HTH, > > > > > > > > Tom > > > > www.isaserver.org/shinder > > > > Tom and Deb Shinder's Configuring ISA Server 2004 > > > > http://tinyurl.com/3xqb7 > > > > MVP -- ISA Firewalls > > > > > > > > > > > > > > > > > -----Original Message----- > > > > > From: info@xxxxxxx [mailto:info@xxxxxxx] > > > > > Sent: Wednesday, July 20, 2005 6:03 AM > > > > > To: [ISAserver.org Discussion List] > > > > > Subject: [isalist] automatically detect isa server problem > > > > > > > > > > http://www.ISAserver.org > > > > > > > > > > Hello, > > > > > > > > > > I have a strange problem with "wpad". > > > > > > > > > > My isa firewall client will not automatically detect the > > > isa server. > > > > > Only after I explicitly do a "ping wpad" from the firewall > > > > > client, the dns > > > > > cache is filled on the client with the wpad entry. Only then, > > > > > the firewall > > > > > client can "automatically" detect the isa server. > > > > > > > > > > Why do I have to explicitly do a "ping wpad". According to > > > > > the manual, the > > > > > firewall client is supposed to do it. > > > > > > > > > > In my scenario, there is only 1 isa server and the dns server > > > > > is running > > > > > on a different server. > > > > > > > > > > ------------------------------------------------------ > > > > > List Archives: > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > > > ISA Server Newsletter: > > > http://www.isaserver.org/pages/newsletter.asp > > > > > ISA Server FAQ: > > > http://www.isaserver.org/pages/larticle.asp?type=FAQ > > > > > ------------------------------------------------------ > > > > > Other Internet Software Marketing Sites: > > > > > World of Windows Networking: http://www.windowsnetworking.com > > > > > Leading Network Software Directory: http://www.serverfiles.com > > > > > No.1 Exchange Server Resource Site: http://www.msexchange.org > > > > > Windows Security Resource Site: http://www.windowsecurity.com/ > > > > > Network Security Library: http://www.secinf.net/ > > > > > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > > > > > ------------------------------------------------------ > > > > > You are currently subscribed to this ISAserver.org Discussion > > > > > List as: tshinder@xxxxxxxxxxxxxxxxxx > > > > > To unsubscribe visit > > > > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > > > > > > > > > > > > > ------------------------------------------------------ > > > > List Archives: > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > > ISA Server Newsletter: > > http://www.isaserver.org/pages/newsletter.asp > > > > ISA Server FAQ: > > http://www.isaserver.org/pages/larticle.asp?type=FAQ > > > > ------------------------------------------------------ > > > > Other Internet Software Marketing Sites: > > > > World of Windows Networking: http://www.windowsnetworking.com > > > > Leading Network Software Directory: http://www.serverfiles.com > > > > No.1 Exchange Server Resource Site: http://www.msexchange.org > > > > Windows Security Resource Site: http://www.windowsecurity.com/ > > > > Network Security Library: http://www.secinf.net/ > > > > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > > > > ------------------------------------------------------ > > > > You are currently subscribed to this ISAserver.org > > > Discussion List as: > > > > info@xxxxxxx > > > > To unsubscribe visit > > > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > > > ------------------------------------------------------ > > > > List Archives: > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > > ISA Server Newsletter: > > http://www.isaserver.org/pages/newsletter.asp > > > > ISA Server FAQ: > > http://www.isaserver.org/pages/larticle.asp?type=FAQ > > > > ------------------------------------------------------ > > > > Other Internet Software Marketing Sites: > > > > World of Windows Networking: http://www.windowsnetworking.com > > > > Leading Network Software Directory: http://www.serverfiles.com > > > > No.1 Exchange Server Resource Site: http://www.msexchange.org > > > > Windows Security Resource Site: http://www.windowsecurity.com/ > > > > Network Security Library: http://www.secinf.net/ > > > > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > > > > ------------------------------------------------------ > > > > You are currently subscribed to this ISAserver.org Discussion > > > > List as: tshinder@xxxxxxxxxxxxxxxxxx > > > > To unsubscribe visit > > > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > > > > > > > > > ------------------------------------------------------ > > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > ISA Server Newsletter: > http://www.isaserver.org/pages/newsletter.asp > > > ISA Server FAQ: > http://www.isaserver.org/pages/larticle.asp?type=FAQ > > > ------------------------------------------------------ > > > Other Internet Software Marketing Sites: > > > World of Windows Networking: http://www.windowsnetworking.com > > > Leading Network Software Directory: http://www.serverfiles.com > > > No.1 Exchange Server Resource Site: http://www.msexchange.org > > > Windows Security Resource Site: http://www.windowsecurity.com/ > > > Network Security Library: http://www.secinf.net/ > > > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > > > ------------------------------------------------------ > > > You are currently subscribed to this ISAserver.org > > Discussion List as: > > > info@xxxxxxx > > > To unsubscribe visit > > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > ------------------------------------------------------ > > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > ISA Server Newsletter: > http://www.isaserver.org/pages/newsletter.asp > > > ISA Server FAQ: > http://www.isaserver.org/pages/larticle.asp?type=FAQ > > > ------------------------------------------------------ > > > Other Internet Software Marketing Sites: > > > World of Windows Networking: http://www.windowsnetworking.com > > > Leading Network Software Directory: http://www.serverfiles.com > > > No.1 Exchange Server Resource Site: http://www.msexchange.org > > > Windows Security Resource Site: http://www.windowsecurity.com/ > > > Network Security Library: http://www.secinf.net/ > > > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > > > ------------------------------------------------------ > > > You are currently subscribed to this ISAserver.org Discussion > > > List as: tshinder@xxxxxxxxxxxxxxxxxx > > > To unsubscribe visit > > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > > > > > ------------------------------------------------------ > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > > ------------------------------------------------------ > > Visit TechGenix.com for more information about our other sites: > > http://www.techgenix.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org > Discussion List as: > > info@xxxxxxx > > To unsubscribe visit > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > ------------------------------------------------------ > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > > ------------------------------------------------------ > > Visit TechGenix.com for more information about our other sites: > > http://www.techgenix.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org Discussion > > List as: tshinder@xxxxxxxxxxxxxxxxxx > > To unsubscribe visit > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > info@xxxxxxx > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion > List as: tshinder@xxxxxxxxxxxxxxxxxx > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: josephk@xxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx