RE: Continued issues with particular site
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Tue, 17 Jan 2006 19:43:16 -0600
NO. NOT true. Read my previous or following message, depending on the
order they appear on the list.
Tom
Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
**Who is John Galt?**
> -----Original Message-----
> From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
> Sent: Tuesday, January 17, 2006 6:26 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Continued issues with particular site
>
> http://www.ISAserver.org
>
> Further to my last emai, I'd just like to make sure I've got
> this straight--
>
> What use is Direct Access, and of what use is there in having
> the Firewall
> config set not to use web proxy and going into IE and set to
> not use web
> proxy and loading the firewall when it still uses the Web
> Proxy Filter if it
> is bound to HTTP?
>
> That seems ridiculous to me. To access one lousy site I have
> to unbind Web
> Proxy Filter from the HTTP protocol altogether? Doing so
> prevents me from
> using the HTTP filter as well. This surely cannot be the case, is it?
>
> t
>
> -----
> "I'll see your Llama and up you a Badger."
> John T
>
>
>
> ----- Original Message -----
> From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Tuesday, January 17, 2006 2:07 PM
> Subject: [isalist] RE: Continued issues with particular site
>
>
> http://www.ISAserver.org
>
> The FWC will stuff use the Web proxy filter if the Web proxy filter is
> still bound to the HTTP protocol. There are a number of
> workarounds, but
> the one I use because it's the easiest :) is to just unbind the Web
> proxy filter from the HTTP protocol and then configure the sites for
> Direct Access.
>
> This enables me to continue to benefit from the Web proxy
> filter and its
> HTTP security filter for Web proxy client connections
> (machines that are
> explicitly configured as Web proxy clients) and bypass the Web proxy
> filter for all SecureNAT (SecureNET) and FWC connections.
>
> Tom
>
> Thomas W Shinder, M.D.
> Site: www.isaserver.org
> Blog: http://spaces.msn.com/members/drisa/
> Book: http://tinyurl.com/3xqb7
> MVP -- ISA Firewalls
> **Who is John Galt?**
>
>
>
> > -----Original Message-----
> > From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
> > Sent: Tuesday, January 17, 2006 3:59 PM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: Continued issues with particular site
> >
> > http://www.ISAserver.org
> >
> > That what I was saying to myself... the "Via" tells all. But
> > check it--
> > I've got both the IP and the *.domain.com in the direct
> > access tab for the
> > source (listening) network config, I've got the firewall
> > client loaded and
> > refreshed, I've unchecked "use proxy" on the firewall client
> > config for the
> > network config, I've made sure the client is not set to use a
> > proxy in IE.
> >
> > Yet, the capture stills says "Via."
> >
> > WTF now?
> >
> > t
> >
> > -----
> > "I'll see your Llama and up you a Badger."
> > John T
> >
> >
> >
> > ----- Original Message -----
> > From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > Sent: Tuesday, January 17, 2006 1:44 PM
> > Subject: [isalist] RE: Continued issues with particular site
> >
> >
> > http://www.ISAserver.org
> >
> > That's NOT a DIRECT ACCESS connection!
> >
> > Thomas W Shinder, M.D.
> > Site: www.isaserver.org
> > Blog: http://spaces.msn.com/members/drisa/
> > Book: http://tinyurl.com/3xqb7
> > MVP -- ISA Firewalls
> > **Who is John Galt?**
> >
> >
> >
> > > -----Original Message-----
> > > From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
> > > Sent: Tuesday, January 17, 2006 3:41 PM
> > > To: [ISAserver.org Discussion List]
> > > Subject: [isalist] RE: Continued issues with particular site
> > >
> > > <p align=\"left\"><b><font face=\"Arial\" size=\"2\">GFI
> > > MailSecurity's HTML threat engine found HTML scripts in this
> > > email and has disabled
> them.</font></b></p>http://www.ISAserver.org
> > >
> > > So, I've basically honed it down to this. Here is what we
> > get on the
> > > external interface after the client issues the POST for the
> > > tracking number:
> > >
> > > HTTP/1.1.100.Continue..Server:.Microsoft-IIS/5.0..Date:.Tue,.1
> > > 7.Jan.2006.21:03:46.GMT....
> > > -then-
> > > HTTP/1.1.200.OK..Server:.Microsoft-IIS/5.0..Date:.Tue,.17.Jan.
> > 2006.21:03:46.GMT..Connection:.close..Content->
> > Type:.text/html..............<HTML>......<HEAD>..........<META
> > > .http-equiv="Expires".content="0">..........<META.http-equiv="
> > > Pragma".content="no-cache">..........<META.http-equiv="Cache-C
> > > ontrol".content="no-cache">.........<LINK.type="text/css".href
> > > ="include/master.css"
> > > .rel="stylesheet">..........<SCRIPT.type="text/javascript".src="
> > > include/form_validation.js"></XCRIPT>..........<SCRIPT.type="tex
> > > t/javascript".src="include/multi_onload.js"></XCRIPT>..........<
> > > TITLE>IPT,.LLC.</TITLE>......</HEAD>......<BODY.leftmargin="0".m
> > > arginheight="0".marginwidth="0".topmargin="0">..............<TAB
> > > LE.width="100%".border="0".cellspacing="0".cellpadding="0">...
> > > ...........<TR>
> > >
> > > -- with the rest of the page following.
> > >
> > > But on the internal interface, this is what goes to the client:
> > >
> > > HTTP/1.1.100.Continue..Via:.1.1.ISA-VPN..Date:.Tue,.17.Jan.200
> > > 6.21:25:31.GMT..Server:.Microsoft-IIS/5.0...
> > > .
> > > HTTP/1.1.200.OK..Via:.1.1.ISA-VPN..Connection:.close..Proxy-Co
> > nnection:.close..Date:.Tue,.17.Jan.2006.21:25:31.GMT..Content-
> > Type:.text
> > /html..Server:.Microsoft-> IIS/5.0....
> > >
> > >
> > > And that's it. It dies.
> > >
> > >
> > > WTF? Anyone? Beuller? Anyone?
> > >
> > > t
> > >
> > > -----
> > > "I'll see your Llama and up you a Badger."
> > > John T
> > >
> > >
> > >
> > > ----- Original Message -----
> > > From: "Thor (Hammer of God)" <thor@xxxxxxxxxxxxxxx>
> > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > > Sent: Tuesday, January 17, 2006 12:09 PM
> > > Subject: [isalist] RE: Continued issues with particular site
> > >
> > >
> > > > http://www.ISAserver.org
> > > >
> > > > That's my next step. I've compared captures from
> > > direct/ISA (which was a
> > > > waste of time) but now I'll have to see what I get in front
> > > and behind
> > > > ISA. Working on it now.
> > > >
> > > > t
> > > >
> > > > -----
> > > > "I'll see your Llama and up you a Badger."
> > > > John T
> > > >
> > > >
> > > >
> > > > ----- Original Message -----
> > > > From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
> > > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > > > Sent: Tuesday, January 17, 2006 9:41 AM
> > > > Subject: [isalist] RE: Continued issues with particular site
> > > >
> > > >
> > > > http://www.ISAserver.org
> > > >
> > > > Got captures?
> > > > We can determine a *lot* from a two-sided capture...
> > > >
> > > > -------------------------------------------------------
> > > > Jim Harrison
> > > > MCP(NT4, W2K), A+, Network+, PCG
> > > > http://isaserver.org/Jim_Harrison/
> > > > http://isatools.org
> > > > Read the help / books / articles!
> > > > -------------------------------------------------------
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
> > > > Sent: Tuesday, January 17, 2006 09:06
> > > > To: [ISAserver.org Discussion List]
> > > > Subject: [isalist] Continued issues with particular site
> > > >
> > > > http://www.ISAserver.org
> > > >
> > > > I've still not been able to solve the problem with this one
> > > particular
> > > > page on a site we must use to track service calls. My
> > > users can log on to
> > > > the site fine, and access parts of the site, but when we
> > go to this
> > > > particular page to track issues by number, it comes up with
> > > a blank page.
> > > >
> > > > "View Source" shows the right tags, <HTML> through </HTML>,
> > > but there is
> > > > no content. Accessing outside of ISA works fine. I've
> > > tried FW Client,
> > > > Proxy Client, changing authentication on both the rule and
> > > the network
> > > > proxy listener, entering "Direct Access," etc, removing the
> > > HTTP filter,
> > > > etc and nothing works.
> > > >
> > > > The logs show the site being accessed properly, though the
> > > page is blank.
> > > >
> > > > Where to turn? Is it PSS time?
> > > >
> > > > t
> > > >
> > > >
> > > >
> > > >
> > > > -----
> > > > "I'll see your Llama and up you a Badger."
> > > > John T
> > > >
> > > >
> > > >
> > > >
> > > > ------------------------------------------------------
> > > > List Archives:
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > > ISA Server Newsletter:
> > http://www.isaserver.org/pages/newsletter.asp
> > > > ISA Server FAQ:
> > http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > > ------------------------------------------------------
> > > > Visit TechGenix.com for more information about our other sites:
> > > > http://www.techgenix.com
> > > > ------------------------------------------------------
> > > > You are currently subscribed to this ISAserver.org
> > > Discussion List as:
> > > > jim@xxxxxxxxxxxx To unsubscribe visit
> > > > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > > Report abuse to listadmin@xxxxxxxxxxxxx
> > > >
> > > > All mail to and from this domain is GFI-scanned.
> > > >
> > > >
> > > > ------------------------------------------------------
> > > > List Archives:
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > > ISA Server Newsletter:
> > http://www.isaserver.org/pages/newsletter.asp
> > > > ISA Server FAQ:
> > http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > > ------------------------------------------------------
> > > > Visit TechGenix.com for more information about our other sites:
> > > > http://www.techgenix.com
> > > > ------------------------------------------------------
> > > > You are currently subscribed to this ISAserver.org
> > > Discussion List as:
> > > > thor@xxxxxxxxxxxxxxx
> > > > To unsubscribe visit
> > > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > > Report abuse to listadmin@xxxxxxxxxxxxx
> > > >
> > > >
> > > >
> > > > ------------------------------------------------------
> > > > List Archives:
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > > ISA Server Newsletter:
> > http://www.isaserver.org/pages/newsletter.asp
> > > > ISA Server FAQ:
> > http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > > ------------------------------------------------------
> > > > Visit TechGenix.com for more information about our other sites:
> > > > http://www.techgenix.com
> > > > ------------------------------------------------------
> > > > You are currently subscribed to this ISAserver.org
> > > Discussion List as:
> > > > thor@xxxxxxxxxxxxxxx
> > > > To unsubscribe visit
> > > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > > Report abuse to listadmin@xxxxxxxxxxxxx
> > > >
> > > >
> > >
> > >
> > > ------------------------------------------------------
> > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > ISA Server Newsletter:
> http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server FAQ:
> http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > ------------------------------------------------------
> > > Visit TechGenix.com for more information about our other sites:
> > > http://www.techgenix.com
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org Discussion
> > > List as: tshinder@xxxxxxxxxxxxxxxxxx
> > > To unsubscribe visit
> > > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > Report abuse to listadmin@xxxxxxxxxxxxx
> > >
> > >
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion
> > List as:
> > thor@xxxxxxxxxxxxxxx
> > To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> >
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion
> > List as: tshinder@xxxxxxxxxxxxxxxxxx
> > To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> >
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> thor@xxxxxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion
> List as: tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
Other related posts:
