This goes back to my original message...The only rules I have say that you need to be part of a global group to have access but when I uncheck the "Ask unauthenticated users for identification" everyone goes out anonymously whether they authenticate to the domain or not....I'll continue to explore and test that options....Thanks, Brian > Hi Brian, > > The user needs an account if you want to force authentication at the > listener. I don't use that option, because if you configure all site and > content rules to require authorization of some kind, then you don't need > it. > > HTH, > Tom > > Thomas W Shinder > www.isaserver.org/shinder=20 > ISA Server and Beyond: http://tinyurl.com/1jq1 > Configuring ISA Server: http://tinyurl.com/1llp=20 > > > -----Original Message----- > From: Brian Miyata [mailto:bmiyata@xxxxxxxxxxxxxxxxx]=20 > Sent: Monday, February 03, 2003 5:03 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: Allowing access based on IP address > > > http://www.ISAserver.org > > > I guess based on the responses I got so far, there is no way for me to > accomplish what I want to do. Since the ISA server is part of my domain > and "Ask unauthenticated users for identification" is enabled, users > have > to sign on to the domain to get access to the Internet. That means if > we > have an auditor come in who needs access to the Internet (but not our > network), I cannot just let them out by IP address...I need to create a > domain account for them and grant that account access to the > Internet...Please correct me if I am wrong...Thanks, Brian > > > Authentication is determined by the use of users/groups in the > "applies to" > > tab. > >=20 > > Jim Harrison > > MCP(NT4, W2K), A+, Network+, PCG > > http://www.microsoft.com/isaserver > > http://isaserver.org/Jim_Harrison > > http://isatools.org > >=20 > > Read the help, books and articles! > > ----- Original Message ----- > > From: "Brian Miyata" <bmiyata@xxxxxxxxxxxxxxxxx> > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> > > Sent: Monday, February 03, 2003 09:32 > > Subject: [isalist] RE: Allowing access based on IP address > >=20 > >=20 > > http://www.ISAserver.org > >=20 > >=20 > > Where is this option to Require Authentication on Site and Content > Rules? > > I know on the Outgoing Web Requests there is an option to require > > authentication. On the Site and Content rules all I am able to do is: > > General =3D> Create Name > > Destinations =3D> All Destinations > > Schedule =3D> Always > > Action =3D> Allowed > > Applies To =3D> Client address sets specified below > > Client Address Set =3D> xxx.xxx.xxx.xxx > > HTTP Content =3D> All Content Groups > >=20 > > Thanks, Brian > >=20 > > ------------------------------------------------------ > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=3Disalist > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=3DFAQ > > ------------------------------------------------------ > > Exchange Server Resource Site: http://www.msexchange.org/ > > Windows Security Resource Site: http://www.windowsecurity.com/ > > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org Discussion List as: > > jim@xxxxxxxxxxxx > > To unsubscribe send a blank email to > $subst('Email.Unsub') > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=3Disalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=3DFAQ > ------------------------------------------------------ > Exchange Server Resource Site: http://www.msexchange.org/ > Windows Security Resource Site: http://www.windowsecurity.com/ > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > tshinder@xxxxxxxxxxxxxxxxxx > To unsubscribe send a blank email to $subst('Email.Unsub')