Hi Brian, Make sure you're using either the Web Proxy or Firewall client, and keep in mind that if the HTTP Redirector passes the request to the Web Proxy service, it will be passed as an anonymous request. HTH, Tom Thomas W Shinder www.isaserver.org/shinder ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp -----Original Message----- From: Brian Miyata [mailto:bmiyata@xxxxxxxxxxxxxxxxx] Sent: Tuesday, February 04, 2003 11:02 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Allowing access based on IP address http://www.ISAserver.org This goes back to my original message...The only rules I have say that you need to be part of a global group to have access but when I uncheck the "Ask unauthenticated users for identification" everyone goes out anonymously whether they authenticate to the domain or not....I'll continue to explore and test that options....Thanks, Brian > Hi Brian, > > The user needs an account if you want to force authentication at the > listener. I don't use that option, because if you configure all site and > content rules to require authorization of some kind, then you don't need > it. > > HTH, > Tom > > Thomas W Shinder > www.isaserver.org/shinder=20 > ISA Server and Beyond: http://tinyurl.com/1jq1 > Configuring ISA Server: http://tinyurl.com/1llp=20 > > > -----Original Message----- > From: Brian Miyata [mailto:bmiyata@xxxxxxxxxxxxxxxxx]=20 > Sent: Monday, February 03, 2003 5:03 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: Allowing access based on IP address > > > http://www.ISAserver.org > > > I guess based on the responses I got so far, there is no way for me to > accomplish what I want to do. Since the ISA server is part of my domain > and "Ask unauthenticated users for identification" is enabled, users > have > to sign on to the domain to get access to the Internet. That means if > we > have an auditor come in who needs access to the Internet (but not our > network), I cannot just let them out by IP address...I need to create a > domain account for them and grant that account access to the > Internet...Please correct me if I am wrong...Thanks, Brian > > > Authentication is determined by the use of users/groups in the > "applies to" > > tab. > >=20 > > Jim Harrison > > MCP(NT4, W2K), A+, Network+, PCG > > http://www.microsoft.com/isaserver > > http://isaserver.org/Jim_Harrison > > http://isatools.org > >=20 > > Read the help, books and articles! > > ----- Original Message ----- > > From: "Brian Miyata" <bmiyata@xxxxxxxxxxxxxxxxx> > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> > > Sent: Monday, February 03, 2003 09:32 > > Subject: [isalist] RE: Allowing access based on IP address > >=20 > >=20 > > http://www.ISAserver.org > >=20 > >=20 > > Where is this option to Require Authentication on Site and Content > Rules? > > I know on the Outgoing Web Requests there is an option to require > > authentication. On the Site and Content rules all I am able to do is: > > General =3D> Create Name > > Destinations =3D> All Destinations > > Schedule =3D> Always > > Action =3D> Allowed > > Applies To =3D> Client address sets specified below > > Client Address Set =3D> xxx.xxx.xxx.xxx > > HTTP Content =3D> All Content Groups > >=20 > > Thanks, Brian > >=20 > > ------------------------------------------------------ > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=3Disalist > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=3DFAQ > > ------------------------------------------------------ > > Exchange Server Resource Site: http://www.msexchange.org/ > > Windows Security Resource Site: http://www.windowsecurity.com/ > > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org Discussion List as: > > jim@xxxxxxxxxxxx > > To unsubscribe send a blank email to > $subst('Email.Unsub') > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=3Disalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=3DFAQ > ------------------------------------------------------ > Exchange Server Resource Site: http://www.msexchange.org/ > Windows Security Resource Site: http://www.windowsecurity.com/ > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > tshinder@xxxxxxxxxxxxxxxxxx > To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')