Hi Joseph, I wish it did :( The user account name shows that of the account you configured for the downstream servers. If you have multiple downstream, then you can configure a separate accout for each downstream server and get traffic reports for each downstream, which is sort of neat :-) I included the details of this in both the ISA 2000 in Education Kit and the ISA 2000 Branch Office Kit. I think the Firewall and Web Proxy chaining configs aren't used nearly enough, mostly because they were never very well documented. The kits correct that problem! Thanks! Tom Thomas W Shinder www.isaserver.org/shinder ISA 2004 Beta - Get it now! http://www.microsoft.com/isaserver/beta/default.asp ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp -----Original Message----- From: josephk [mailto:josephk@xxxxxxxxx] Sent: Thursday, June 17, 2004 5:09 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: General logging question http://www.ISAserver.org Hi Thomas, That is a great concept! Then the logs in the upstream firewall show the special account name you created? Or does it Pass along the users names from the internal ISA? I should set that up and see what the logs show. I don't suppose That you have an article about that? <grin> Joseph -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: Thursday, June 17, 2004 3:05 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: General logging question http://www.ISAserver.org Hi Joseph, Exactly! I do create an account on the upstream ISA firewall that's used for Firewall chaining. That allows the downstream ISA firewall to be a firewall client of the upstream. Tom Thomas W Shinder www.isaserver.org/shinder ISA 2004 Beta - Get it now! http://www.microsoft.com/isaserver/beta/default.asp ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp -----Original Message----- From: josephk [mailto:josephk@xxxxxxxxx] Sent: Thursday, June 17, 2004 4:59 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: General logging question http://www.ISAserver.org Hi Thomas, That is very true. I have a back to back network. INTERNAL NETWORK >> ISA >> DMZ >> ISA >> INTERNET. When I use the firewall client my internal ISA server contains the users names in the logs. So, the internal ISA logs Can be used to determine usage. My external ISA is not in a domain and therefore show anonymous entries in the logs. Thank you, Joseph -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: Thursday, June 17, 2004 2:56 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: General logging question http://www.ISAserver.org Hi Shane, Just keep in mind that the ISA firewall needs to be a member of the domain to authenticate against the domain directory database. This is true for both Web Proxy and Firewall clients. HTH, Tom Thomas W Shinder www.isaserver.org/shinder ISA 2004 Beta - Get it now! http://www.microsoft.com/isaserver/beta/default.asp ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp -----Original Message----- From: shane mullins [mailto:tsmullins@xxxxxxxxxxxxxx] Sent: Thursday, June 17, 2004 4:49 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: General logging question http://www.ISAserver.org Thanks Joesph, That is good, we already have the fw client installed most places. Shane ----- Original Message ----- From: "josephk" <josephk@xxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Thursday, June 17, 2004 5:08 PM Subject: [isalist] RE: General logging question > http://www.ISAserver.org > > Hi Shane, > When you look at ISA logs sometimes you will see anonymous listed in the > logs and not the persons name. > So, what you're looking for is the ability to log the person name into > the ISA logs? There are lots of ways to get that accomplished. I've > been testing the > log entries based on > Using the firewall client (thanks to Jim's article on isaserver.org) and > just standard secure Nat. > When using secure Nat I don't see the users names listed in the logs. > With the firewall client I See the users name listed in the logs. Now > that was an easy way. Just > install the firewall client > On the users work stations. > With the web proxy client you need to set up the proxy to not allow > anonymous connections then Every one is authenticated will have their > names placed into the logs. You can also > Find articles on how to set that up out on isaserver.org. > > Thank you, > Joseph > > -----Original Message----- > From: shane mullins [mailto:tsmullins@xxxxxxxxxxxxxx] > Sent: Thursday, June 17, 2004 1:03 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] General logging question > > > http://www.ISAserver.org > > Hey Guys, > > I have a general logging question. Here is our situation: 1. My > boss wants to log by name 2. We have our Cisco SLB switch configured > to load balance 3. We are moving to a 2000 AD domain > Here is my question: Should I put the ISA box in the 2000 domain? Or > should I use the FW client to capture the name? Or, do you have any > other thoughts? > > Shane > > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > World of Windows Networking: http://www.windowsnetworking.com Leading > Network Software Directory: http://www.serverfiles.com No.1 Exchange > Server Resource Site: http://www.msexchange.org Windows Security > Resource Site: http://www.windowsecurity.com/ Network Security Library: > http://www.secinf.net/ Windows 2000/NT Fax Solutions: > http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > josephk@xxxxxxxxxxxxxxxxx To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > World of Windows Networking: http://www.windowsnetworking.com Leading > Network Software Directory: http://www.serverfiles.com No.1 Exchange > Server Resource Site: http://www.msexchange.org Windows Security > Resource Site: http://www.windowsecurity.com/ Network Security > Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: > http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: tsmullins@xxxxxxxxxxxxxx > To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: josephk@xxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: josephk@xxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist