Browser exceptions and FQDN internal addresses

  • From: nmead@xxxxxxxx
  • To: isalist@xxxxxxxxxxxxx
  • Date: Thu, 9 Dec 2004 12:37:57 -0500

I was wondering the best way to address this issue. I need a way to
not proxy local addresses (internal web applications), so I added
*.mydomain.com, BUT I still need users to hit 'www.mydomain.com', which
is not hosted internally. I had created a DNS entry internally for
'www' and pointed it to the correct public IP address in the hopes that
it would resolve and realize that it was in fact external, but this
appears to work spottily at best: on some machines it works, on some it doesn't.



In addition to the wildcard domain exception, I also have network
exceptions listed 10.*, etc. but we found that clients would still make
either initial requests to (causing 5-10 second delay) or completely
utilize the ISA server to hit internal apps without the domain
exception.


All clients are using the firewall client and I have the LAT set up with
all of our internal addresses.


The reason we need to use FQDNs for internal web applications is due to
having multiple domains on our network (sister companies) and the users
in each domain need access to multiple 'internal' companies' web
applications. Therefore we need to address local intranet applications
via FQDN.


So is there an easier way for me to create an exception to the
*.mydomain.com browser exception?   Or will I have to enter in all
internal web applications and remove the wildcard exception?


Any ideas would be appreciated...


Thanks,


Nate
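
The exception to the wildcard exception asked about above can be expressed through rule order in a proxy auto-configuration (PAC) style function, where the specific host is tested before the wildcard. This is an added example, not part of the original post; the proxy address is a placeholder, and the hostnames are the ones used in the post.

```javascript
// Added example (not from the original post): PAC-style routing where a
// specific host overrides a wildcard bypass. ES5 syntax, as PAC engines expect.
var PROXY = "PROXY isa.example.internal:8080"; // placeholder proxy address (assumption)
var DIRECT = "DIRECT";

// Hosts that match the internal wildcard but are hosted externally.
var EXTERNAL_OVERRIDES = ["www.mydomain.com"];
// Suffixes equivalent to the *.mydomain.com browser exception.
// The leading dot forces a label boundary, so "evilmydomain.com" does not match.
var INTERNAL_SUFFIXES = [".mydomain.com"];

function normalizeHost(host) {
  // Lowercase and drop a trailing dot so "WWW.MyDomain.com." cannot
  // slip past the override list and fall through to the wildcard.
  var h = String(host).toLowerCase();
  if (h.charAt(h.length - 1) === ".") {
    h = h.slice(0, -1);
  }
  return h;
}

function hasSuffix(h, suffix) {
  return h.length > suffix.length && h.slice(-suffix.length) === suffix;
}

function FindProxyForURL(url, host) {
  var h = normalizeHost(host);
  // 1. Most specific rule first: externally hosted names go to the proxy.
  if (EXTERNAL_OVERRIDES.indexOf(h) !== -1) {
    return PROXY;
  }
  // 2. Literal 10.x.x.x addresses (the 10.* network exception) go direct.
  //    Matched as text only, so no DNS lookup delays the decision.
  if (/^10\.\d{1,3}\.\d{1,3}\.\d{1,3}$/.test(h)) {
    return DIRECT;
  }
  // 3. Remaining names under the internal wildcard go direct.
  for (var i = 0; i < INTERNAL_SUFFIXES.length; i++) {
    if (hasSuffix(h, INTERNAL_SUFFIXES[i])) {
      return DIRECT;
    }
  }
  // 4. Everything else is external and goes through the proxy.
  return PROXY;
}
```

Because every rule here matches on the hostname string, the decision does not depend on which DNS answer a given client happens to have cached.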
