RE: General logging question
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Thu, 17 Jun 2004 17:24:15 -0500
Hi Joseph,
I wish it did :( The user account name shows that of the account you
configured for the downstream servers. If you have multiple downstream,
then you can configure a separate accout for each downstream server and
get traffic reports for each downstream, which is sort of neat :-) I
included the details of this in both the ISA 2000 in Education Kit and
the ISA 2000 Branch Office Kit. I think the Firewall and Web Proxy
chaining configs aren't used nearly enough, mostly because they were
never very well documented. The kits correct that problem!
Thanks!
Tom
Thomas W Shinder
www.isaserver.org/shinder
ISA 2004 Beta - Get it now!
http://www.microsoft.com/isaserver/beta/default.asp
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
-----Original Message-----
From: josephk [mailto:josephk@xxxxxxxxx]
Sent: Thursday, June 17, 2004 5:09 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: General logging question
http://www.ISAserver.org
Hi Thomas,
That is a great concept! Then the logs in the upstream firewall show the
special account name you created? Or does it
Pass along the users names from the internal ISA? I should set that up
and see what the logs show. I don't suppose
That you have an article about that? <grin>
Joseph
-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
Sent: Thursday, June 17, 2004 3:05 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: General logging question
http://www.ISAserver.org
Hi Joseph,
Exactly! I do create an account on the upstream ISA firewall that's used
for Firewall chaining. That allows the downstream ISA firewall to be a
firewall client of the upstream.
Tom
Thomas W Shinder
www.isaserver.org/shinder
ISA 2004 Beta - Get it now!
http://www.microsoft.com/isaserver/beta/default.asp
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
-----Original Message-----
From: josephk [mailto:josephk@xxxxxxxxx]
Sent: Thursday, June 17, 2004 4:59 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: General logging question
http://www.ISAserver.org
Hi Thomas,
That is very true. I have a back to back network.
INTERNAL NETWORK >> ISA >> DMZ >> ISA >> INTERNET.
When I use the firewall client my internal ISA server contains the users
names in the logs. So, the internal ISA logs Can be used to determine
usage. My external ISA is not in a domain and therefore show anonymous
entries in the logs.
Thank you,
Joseph
-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
Sent: Thursday, June 17, 2004 2:56 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: General logging question
http://www.ISAserver.org
Hi Shane,
Just keep in mind that the ISA firewall needs to be a member of the
domain to authenticate against the domain directory database. This is
true for both Web Proxy and Firewall clients.
HTH,
Tom
Thomas W Shinder
www.isaserver.org/shinder
ISA 2004 Beta - Get it now!
http://www.microsoft.com/isaserver/beta/default.asp
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
-----Original Message-----
From: shane mullins [mailto:tsmullins@xxxxxxxxxxxxxx]
Sent: Thursday, June 17, 2004 4:49 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: General logging question
http://www.ISAserver.org
Thanks Joesph,
That is good, we already have the fw client installed most places.
Shane
----- Original Message -----
From: "josephk" <josephk@xxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Thursday, June 17, 2004 5:08 PM
Subject: [isalist] RE: General logging question
> http://www.ISAserver.org
>
> Hi Shane,
> When you look at ISA logs sometimes you will see anonymous listed in
the
> logs and not the persons name.
> So, what you're looking for is the ability to log the person name into
> the ISA logs? There are lots of ways to get that accomplished. I've
> been testing
the
> log entries based on
> Using the firewall client (thanks to Jim's article on isaserver.org)
and
> just standard secure Nat.
> When using secure Nat I don't see the users names listed in the logs.
> With the firewall client I See the users name listed in the logs. Now
> that was an easy way.
Just
> install the firewall client
> On the users work stations.
> With the web proxy client you need to set up the proxy to not allow
> anonymous connections then Every one is authenticated will have their
> names placed into the logs. You can also
> Find articles on how to set that up out on isaserver.org.
>
> Thank you,
> Joseph
>
> -----Original Message-----
> From: shane mullins [mailto:tsmullins@xxxxxxxxxxxxxx]
> Sent: Thursday, June 17, 2004 1:03 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] General logging question
>
>
> http://www.ISAserver.org
>
> Hey Guys,
>
> I have a general logging question. Here is our situation: 1. My
> boss wants to log by name 2. We have our Cisco SLB switch configured
> to load balance 3. We are moving to a 2000 AD domain
> Here is my question: Should I put the ISA box in the 2000 domain? Or
> should I use the FW client to capture the name? Or, do you have any
> other thoughts?
>
> Shane
>
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com Leading
> Network Software Directory: http://www.serverfiles.com No.1 Exchange
> Server Resource Site: http://www.msexchange.org Windows Security
> Resource Site: http://www.windowsecurity.com/ Network Security
Library:
> http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> josephk@xxxxxxxxxxxxxxxxx To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com Leading
> Network Software Directory: http://www.serverfiles.com No.1 Exchange
> Server Resource Site: http://www.msexchange.org Windows Security
> Resource Site: http://www.windowsecurity.com/ Network Security
> Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
tsmullins@xxxxxxxxxxxxxx
> To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
>
>
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com No.1 Exchange
Server Resource Site: http://www.msexchange.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com No.1 Exchange
Server Resource Site: http://www.msexchange.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
josephk@xxxxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com No.1 Exchange
Server Resource Site: http://www.msexchange.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com No.1 Exchange
Server Resource Site: http://www.msexchange.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
josephk@xxxxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Other related posts:
