[isalist] Re: Auto Discovery for firewall and webproxy clients
- From: "D PIETRUSZKA USWRN INTERLINK INFRA ASST MGR" <DPietruszka@xxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Fri, 13 Apr 2007 08:25:20 -0400
Jim
Well I discovered why the firewall client was not able to authenticate
with the ISA server.
It is because our users use RSA tokens to connect to the VPN, as soon as
I created a VPN connection without RSA, the firewall client was able to
do the authentication.
Anyway I'm still having a little problem even without RSA in the middle,
for some reason when from the VPN I browse internet I'm seeing all the
traffic on the ISA log on port 80 instead of port 8080, which is what I
need and how it works for my internal users.
Do you have any idea why that can be happening?
Regards
Diego R. Pietruszka
MSC (USA) - Interlink Transport Technologies
-----Original Message-----
From: D PIETRUSZKA USWRN INTERLINK INFRA ASST MGR
Sent: Thursday, April 12, 2007 7:51 PM
To: 'isalist@xxxxxxxxxxxxx'
Subject: Re: [isalist] Re: Auto Discovery for firewall and webproxy
clients
Yes
--------------------------
Sent from my BlackBerry Wireless Device
-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx <isalist-bounce@xxxxxxxxxxxxx>
To: isalist@xxxxxxxxxxxxx <isalist@xxxxxxxxxxxxx>
Sent: Thu Apr 12 18:55:18 2007
Subject: [isalist] Re: Auto Discovery for firewall and webproxy clients
http://www.ISAserver.org
-------------------------------------------------------
Did you also restart the firewall service as the KB instructed?
-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of D PIETRUSZKA USWRN INTERLINK INFRA ASST MGR
Sent: Thursday, April 12, 2007 3:14 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Auto Discovery for firewall and webproxy clients
I'm using ISA2004 EE.
And I request for authentication, that is why the I guess the document
apply to my case.
--------------------------
Sent from my BlackBerry Wireless Device
-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx <isalist-bounce@xxxxxxxxxxxxx>
To: isalist@xxxxxxxxxxxxx <isalist@xxxxxxxxxxxxx>
Sent: Thu Apr 12 16:28:10 2007
Subject: [isalist] Re: Auto Discovery for firewall and webproxy clients
http://www.ISAserver.org
-------------------------------------------------------
Are you using ISA 2004 or 2006?
Enterprise or Standard Edition?
The FWC cannot authenticate for configuration requests - that's the
whole point of this article and the changes to be made.
-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of D PIETRUSZKA USWRN INTERLINK INFRA ASST MGR
Sent: Thursday, April 12, 2007 1:00 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Auto Discovery for firewall and webproxy clients
Well since my boss was having some rush on this issue, I crossed my
fingers and executed the VB script mentioned in the article.
Results: ...... well nothing change, but at least what was working is
still working.
Any idea on why the firewall client is not able to authenticate against
the ISA server when the user I connected to the VPN, but work fine
internally?
Thanks
Regards
Diego R. Pietruszka
MSC (USA) - Interlink Transport Technologies
-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of D PIETRUSZKA USWRN INTERLINK INFRA ASST MGR
Sent: Thursday, April 12, 2007 1:21 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Auto Discovery for firewall and webproxy clients
http://www.ISAserver.org
-------------------------------------------------------
I have all my internal user's firewall client detecting automatically
the ISA server array.
The same ISA server array detected for the firewall client is acting as
my VPN server, and the clients connected to that VPN are receiving an IP
on the internal subnet range.
But they are having issues using the firewall client, actually the
firewall client is detecting the right ISA server, but can not
authenticate with it.
Of course the rule between my VPN network and my internal network (where
the ISA server reside) is ROUTE, I'm wondering if the solution on that
article will fix my issue, without affecting my already working internal
authentication with the server.
What you think?
Regards
Diego R. Pietruszka
MSC (USA) - Interlink Transport Technologies
-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Jim Harrison
Sent: Wednesday, April 11, 2007 7:28 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Auto Discovery for firewall and webproxy clients
http://www.ISAserver.org
-------------------------------------------------------
http://support.microsoft.com/kb/885683
-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Stephen Herrera
Sent: Wednesday, April 11, 2007 8:32 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Auto Discovery for firewall and webproxy clients
http://www.ISAserver.org
-------------------------------------------------------
I am using ISA2004 with Firewall and Web Proxy clients. I have setup the
information manually in the past without any problems. I would like to
implement auto discovery and have followed a couple of the articles on
ISAserver.org. I have:
Created the wpad entry via DNS.
Set IE to auto detect
Set the firewall client to auto detect
Verified ISA is publishing the Auto Discover via the MMC and going to
http://wpad/wpad.dat
When I couldn't connect with the firewall client I used ISA monitoring
to see what was going on. When the firewall client or web proxy client
make the initial connection they are connecting anonymously. IE brings
up an authentication window so that credentials can be entered but the
firewall client doesn't so it fails to discover the server because the
anonymous connection is denied. Did I miss a step somewhere? How can I
get both IE and the firewall client to use the credentials of the user
that is logged in? Any help is appreciated.
Steve
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials:
http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials:
http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials:
http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials:
http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials:
http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
