RE: Allowing access based on IP address
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Tue, 4 Feb 2003 18:45:36 -0600
Hi Brian,
Make sure you're using either the Web Proxy or Firewall client, and keep
in mind that if the HTTP Redirector passes the request to the Web Proxy
service, it will be passed as an anonymous request.
HTH,
Tom
Thomas W Shinder
www.isaserver.org/shinder
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
-----Original Message-----
From: Brian Miyata [mailto:bmiyata@xxxxxxxxxxxxxxxxx]
Sent: Tuesday, February 04, 2003 11:02 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Allowing access based on IP address
http://www.ISAserver.org
This goes back to my original message...The only rules I have say that
you
need to be part of a global group to have access but when I uncheck the
"Ask unauthenticated users for identification" everyone goes out
anonymously whether they authenticate to the domain or not....I'll
continue to explore and test that options....Thanks, Brian
> Hi Brian,
>
> The user needs an account if you want to force authentication at the
> listener. I don't use that option, because if you configure all site
and
> content rules to require authorization of some kind, then you don't
need
> it.
>
> HTH,
> Tom
>
> Thomas W Shinder
> www.isaserver.org/shinder=20
> ISA Server and Beyond: http://tinyurl.com/1jq1
> Configuring ISA Server: http://tinyurl.com/1llp=20
>
>
> -----Original Message-----
> From: Brian Miyata [mailto:bmiyata@xxxxxxxxxxxxxxxxx]=20
> Sent: Monday, February 03, 2003 5:03 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Allowing access based on IP address
>
>
> http://www.ISAserver.org
>
>
> I guess based on the responses I got so far, there is no way for me to
> accomplish what I want to do. Since the ISA server is part of my
domain
> and "Ask unauthenticated users for identification" is enabled, users
> have
> to sign on to the domain to get access to the Internet. That means if
> we
> have an auditor come in who needs access to the Internet (but not our
> network), I cannot just let them out by IP address...I need to create
a
> domain account for them and grant that account access to the
> Internet...Please correct me if I am wrong...Thanks, Brian
>
> > Authentication is determined by the use of users/groups in the
> "applies to"
> > tab.
> >=20
> > Jim Harrison
> > MCP(NT4, W2K), A+, Network+, PCG
> > http://www.microsoft.com/isaserver
> > http://isaserver.org/Jim_Harrison
> > http://isatools.org
> >=20
> > Read the help, books and articles!
> > ----- Original Message -----
> > From: "Brian Miyata" <bmiyata@xxxxxxxxxxxxxxxxx>
> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > Sent: Monday, February 03, 2003 09:32
> > Subject: [isalist] RE: Allowing access based on IP address
> >=20
> >=20
> > http://www.ISAserver.org
> >=20
> >=20
> > Where is this option to Require Authentication on Site and Content
> Rules?
> > I know on the Outgoing Web Requests there is an option to require
> > authentication. On the Site and Content rules all I am able to do
is:
> > General =3D> Create Name
> > Destinations =3D> All Destinations
> > Schedule =3D> Always
> > Action =3D> Allowed
> > Applies To =3D> Client address sets specified below
> > Client Address Set =3D> xxx.xxx.xxx.xxx
> > HTTP Content =3D> All Content Groups
> >=20
> > Thanks, Brian
> >=20
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=3DFAQ
> > ------------------------------------------------------
> > Exchange Server Resource Site: http://www.msexchange.org/
> > Windows Security Resource Site: http://www.windowsecurity.com/
> > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List
as:
> > jim@xxxxxxxxxxxx
> > To unsubscribe send a blank email to
> $subst('Email.Unsub')
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=3DFAQ
> ------------------------------------------------------
> Exchange Server Resource Site: http://www.msexchange.org/
> Windows Security Resource Site: http://www.windowsecurity.com/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe send a blank email to
$subst('Email.Unsub')
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
