RE: automatically detect isa server problem

  • From: "Thor \(Hammer of God\)" <thor@xxxxxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 20 Jul 2005 18:20:09 -0700

A stoned gathering rolls no moss.

----- Original Message ----- From: "Greg Mulholland" <gmulholland@xxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Wednesday, July 20, 2005 4:16 PM
Subject: [isalist] RE: automatically detect isa server problem



http://www.ISAserver.org


How about

IF BARBIE IS SO POPULAR, WHY DO YOU HAVE TO BUY HER FRIENDS?
And
HOW MANY OF YOU BELIEVE IN PSYCHO-KINESIS? RAISE MY HAND.

Greg

-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Thursday, 21 July 2005 7:35 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: automatically detect isa server problem

http://www.ISAserver.org

You mean:
"You are my pretty flower"?

-------------------------------------------------------
  Jim Harrison
  MCP(NT4, W2K), A+, Network+, PCG
  http://isaserver.org/Jim_Harrison/
  http://isatools.org
  Read the help / books / articles!
-------------------------------------------------------


-----Original Message----- From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx] Sent: Wednesday, July 20, 2005 11:47 To: [ISAserver.org Discussion List] Subject: [isalist] RE: automatically detect isa server problem

http://www.ISAserver.org

Just add Jim's ;)

----- Original Message -----
From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Wednesday, July 20, 2005 11:39 AM
Subject: [isalist] RE: automatically detect isa server problem


http://www.ISAserver.org

Hmmm. Better see if I can get that quote removed ;)

Would like you an alternate quote included?

Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls



-----Original Message-----
From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
Sent: Wednesday, July 20, 2005 1:30 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: automatically detect isa server problem

http://www.ISAserver.org

Payback is a mf.

----- Original Message -----
From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Wednesday, July 20, 2005 11:21 AM
Subject: [isalist] RE: automatically detect isa server problem


http://www.ISAserver.org

You said I could quote you on that :)

Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls



> -----Original Message-----
> From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
> Sent: Wednesday, July 20, 2005 1:16 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: automatically detect isa server problem
>
> http://www.ISAserver.org
>
> Oh, great... "Tim the pompous ass."  I hope you're
including context!!
>
> t
>
> ----- Original Message -----
> From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Wednesday, July 20, 2005 11:03 AM
> Subject: [isalist] RE: automatically detect isa server problem
>
>
> http://www.ISAserver.org
>
> Hi Tim,
>
> Great stuff! Just entered into my database of article ideas :-)
>
> BTW -- the following quote will appear in this month's ISAServer.org
> newsletter:
>
> "If I gloated every time I was right, I'd never have an
opportunity to
> make a
> mistake!"  --Tim Mullen
>
> Tom
> www.isaserver.org/shinder
> Tom and Deb Shinder's Configuring ISA Server 2004
> http://tinyurl.com/3xqb7
> MVP -- ISA Firewalls
>
>
>
> > -----Original Message-----
> > From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
> > Sent: Wednesday, July 20, 2005 12:48 PM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: automatically detect isa server problem
> >
> > http://www.ISAserver.org
> >
> > It all depends on what works best for your setup.  My DMZ
> > houses servers for
> > data-driven web content, as well as my av/spam smtp gateway.
> > There is also
> > an authorization infrastructure in place for external users
> > to log on to
> > access private, client-based resources.  As such, having AD
> > in the DMZ
> > allows for much easier policy-based administration, and
> > affords more secure
> > options such as certificate-based IPSec rules in the DMZ,
> > server hardening
> > group policy objects, etc.
> >
> > t
> >
> > ----- Original Message -----
> > From: "JosephK" <josephk@xxxxxxxxx>
> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > Sent: Wednesday, July 20, 2005 10:23 AM
> > Subject: [isalist] RE: automatically detect isa server problem
> >
> >
> > http://www.ISAserver.org
> >
> > That's actually an interesting concept. I only have mail
> > forwarders and
> > a sniffer in my honeypot dmz. Do you think that it is a
good idea to
> > keep
> > a second domain in the DMZ domain? And what are some
> > additional benefits
> > of
> > doing so?
> > Thank you,
> > Joseph
> >
> > -----Original Message-----
> > From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
> > Sent: Wednesday, July 20, 2005 10:17 AM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: automatically detect isa server problem
> >
> > http://www.ISAserver.org
> >
> > Well, I wouldn't say "no reason" like that... My FE ISA
server is a
> > member
> > of the DMZ domain for the same reason.  Of course, the DMZ
> domain and
> > the
> > internal domain don't have anything to do with each other--
> but things
> > like
> > authentication and group policy are quite valid reasons to
> have even a
> > FE
> > ISA as a domain member.   But I know you know that ;)
> >
> > t
> >
> > ----- Original Message -----
> > From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > Sent: Wednesday, July 20, 2005 10:00 AM
> > Subject: [isalist] RE: automatically detect isa server problem
> >
> >
> > http://www.ISAserver.org
> >
> > Hi Joseph,
> >
> > Exactly. Since there isn't a net increase in the level of security
> > offered by the front-end being a domain member, there's no
> > reason to do
> > so. What gets me are those who won't join the ISA firewall to
> > the domain
> > because they're afraid men from Mars will come here and not
> > get Measles.
> >
> > Tom
> > www.isaserver.org/shinder
> > Tom and Deb Shinder's Configuring ISA Server 2004
> > http://tinyurl.com/3xqb7
> > MVP -- ISA Firewalls
> >
> >
> >
> > > -----Original Message-----
> > > From: JosephK [mailto:josephk@xxxxxxxxx]
> > > Sent: Wednesday, July 20, 2005 11:51 AM
> > > To: [ISAserver.org Discussion List]
> > > Subject: [isalist] RE: automatically detect isa server problem
> > >
> > > http://www.ISAserver.org
> > >
> > > Hi Thomas,
> > > I join the internal ISA box in my back to back to the domain.
> > > The front end ISA box isn't joined to the domain.  And I
> > > agree that the
> > > front end really doesn't need to be added to a domain.
> > >
> > > Joseph
> > >
> > > -----Original Message-----
> > > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
> > > Sent: Wednesday, July 20, 2005 5:33 AM
> > > To: [ISAserver.org Discussion List]
> > > Subject: [isalist] RE: automatically detect isa server problem
> > >
> > > http://www.ISAserver.org
> > >
> > > ARRRGGG!
> > >
> > > Join that ISA firewall to the domain ASAP. It's a more secure
> > > config and
> > > then your Firewall clients will work (which is just one
> of the many
> > > reasons why a domain joined ISA firewall is more secure).
> > >
> > > I always join ISA firewalls to the domain when
> appropriate. The only
> > > time when it wouldn't provide an enhanced security posture is
> > > in a back
> > > to back config, when the front end isn't doing any auth
chores and
> > > you're running an anonymous access DMZ between the front
> > end and back
> > > end.
> > >
> > > HTH,
> > >
> > > Tom
> > > www.isaserver.org/shinder
> > > Tom and Deb Shinder's Configuring ISA Server 2004
> > > http://tinyurl.com/3xqb7
> > > MVP -- ISA Firewalls
> > >
> > >
> > >
> > > > -----Original Message-----
> > > > From: jankees [mailto:jankees@xxxxxxx] On Behalf Of info
> > > > Sent: Wednesday, July 20, 2005 7:29 AM
> > > > To: [ISAserver.org Discussion List]
> > > > Subject: [isalist] RE: automatically detect isa server problem
> > > >
> > > > http://www.ISAserver.org
> > > >
> > > > Firewall is a standalone server. (not member of any domain)
> > > Client is
> > > > not member of any domain.
> > > > DNS server is AD domain controller. (this is my
> personal exchange
> > > > server, hence the AD.....)
> > > >
> > > > -----Original Message-----
> > > > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
> > > > Sent: Wednesday, July 20, 2005 2:19 PM
> > > > To: [ISAserver.org Discussion List]
> > > > Subject: [isalist] RE: automatically detect isa server problem
> > > >
> > > > http://www.ISAserver.org
> > > >
> > > > Hi Info,
> > > >
> > > > Are the clients members of the same domain as the ISA
firewall?
> > > >
> > > > Tom
> > > > www.isaserver.org/shinder
> > > > Tom and Deb Shinder's Configuring ISA Server 2004
> > > > http://tinyurl.com/3xqb7
> > > > MVP -- ISA Firewalls
> > > >
> > > >
> > > >
> > > > > -----Original Message-----
> > > > > From: jankees [mailto:jankees@xxxxxxx] On Behalf Of info
> > > > > Sent: Wednesday, July 20, 2005 7:15 AM
> > > > > To: [ISAserver.org Discussion List]
> > > > > Subject: [isalist] RE: automatically detect isa
server problem
> > > > >
> > > > > http://www.ISAserver.org
> > > > >
> > > > > It takes about 4 seconds before it syas: Failed to detect
> > > > ISA Server.
> > > > >
> > > > > -----Original Message-----
> > > > > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
> > > > > Sent: Wednesday, July 20, 2005 2:06 PM
> > > > > To: [ISAserver.org Discussion List]
> > > > > Subject: [isalist] RE: automatically detect isa
server problem
> > > > >
> > > > > http://www.ISAserver.org
> > > > >
> > > > > Hi Info,
> > > > >
> > > > > OK, sounds good so far.
> > > > >
> > > > > What happens when you click Detect Now?
> > > > >
> > > > > Tom
> > > > > www.isaserver.org/shinder
> > > > > Tom and Deb Shinder's Configuring ISA Server 2004
> > > > > http://tinyurl.com/3xqb7
> > > > > MVP -- ISA Firewalls
> > > > >
> > > > >
> > > > >
> > > > > > -----Original Message-----
> > > > > > From: jankees [mailto:jankees@xxxxxxx] On Behalf Of info
> > > > > > Sent: Wednesday, July 20, 2005 6:57 AM
> > > > > > To: [ISAserver.org Discussion List]
> > > > > > Subject: [isalist] RE: automatically detect isa
> server problem
> > > > > >
> > > > > > http://www.ISAserver.org
> > > > > >
> > > > > >
> > > > > > The configuration must almost be correct, since the
> > > > autodetect does
> > > > > > work, after I do an explicit "ping wpad" from the client.
> > > > > >
> > > > > >
> > > > > >
> > > > > > Dns is setup as follows:
> > > > > >
> > > > > > Wpad alias (cname) boss_lan.fels.us
> > > > > > Boss_lan host (A) 10.1.0.1
> > > > > > Boss_dmz host (A) 10.2.0.1
> > > > > >
> > > > > > Default gateway of the client is 10.1.0.1
> > > > > >
> > > > > > Client is on the "Internal" network.
> > > > > >
> > > > > > "Internal" network settings on isa firewall:
> > > > > >
> > > > > > Firewall client support is enabled.
> > > > > > Isa server name is set to "boss_lan.fels.us"
> > > > > > Automatically detect settings is selected.
> > > > > >
> > > > > > Publish automatic discovery information is selected,
> > > > default port 80
> > > > > >
> > > > > > -----Original Message-----
> > > > > > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
> > > > > > Sent: Wednesday, July 20, 2005 1:26 PM
> > > > > > To: [ISAserver.org Discussion List]
> > > > > > Subject: [isalist] RE: automatically detect isa
> server problem
> > > > > >
> > > > > > http://www.ISAserver.org
> > > > > >
> > > > > > What are they?
> > > > > >
> > > > > > Tom
> > > > > > www.isaserver.org/shinder
> > > > > > Tom and Deb Shinder's Configuring ISA Server 2004
> > > > > > http://tinyurl.com/3xqb7
> > > > > > MVP -- ISA Firewalls
> > > > > >
> > > > > >
> > > > > >
> > > > > > > -----Original Message-----
> > > > > > > From: jankees [mailto:jankees@xxxxxxx] On Behalf Of info
> > > > > > > Sent: Wednesday, July 20, 2005 6:22 AM
> > > > > > > To: [ISAserver.org Discussion List]
> > > > > > > Subject: [isalist] RE: automatically detect isa
> > server problem
> > > > > > >
> > > > > > > http://www.ISAserver.org
> > > > > > >
> > > > > > > Hi there,
> > > > > > >
> > > > > > > I believe they are correct. What can I do?
> > > > > > >
> > > > > > > -----Original Message-----
> > > > > > > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
> > > > > > > Sent: Wednesday, July 20, 2005 1:12 PM
> > > > > > > To: [ISAserver.org Discussion List]
> > > > > > > Subject: [isalist] RE: automatically detect isa
> > server problem
> > > > > > >
> > > > > > > http://www.ISAserver.org
> > > > > > >
> > > > > > > Hi Info,



------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: thor@xxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

All mail to and from this domain is GFI-scanned.


------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: gmulholland@xxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx
























All mail to and from this network has been scanned for viruses

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: thor@xxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx





Other related posts: