Re: HTTP Redirector that rejects all HTTP traffic

• From: "Jim Harrison" <jim@xxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Tue, 17 Dec 2002 11:04:21 -0800

Since you're using user/group-based rules with SurfControl on ISA, the best
choice is "Reject", IMHO.
That way, no one who can't auth to the ISA will get access.
Then, SC can filter to it's heart's content.

 Jim Harrison
 MCP(NT4, W2K), A+, Network+, PCG
 http://isaserver.org/pages/author_index.asp?aut=3
 http://isatools.org
 Read the help / books / articles!

----- Original Message -----
From: "Kincer, Rick" <Rick_Kincer@xxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Tuesday, December 17, 2002 10:50 AM
Subject: [isalist] HTTP Redirector that rejects all HTTP traffic


http://www.ISAserver.org



Hello,

We have ISA Enterprise edition in Integrated mode in an NT environment being
load balanced with RainWall.

I have the HTTP Redirector disabled because I want to monitor, log and
control Internet access, but in doing so I noticed that the Firewall clients
can still access HTTP, I want to force them to be Web Clients and allow
firewall clients to be used for FTP, RA and other apps. There is a setting
in the HTTP Redirector that rejects all HTTP traffic,

My question is: If I enable the Redirector and select the Reject HTTP
selection will I still be able to log, monitor and using Site and Content
Rules control the access of those using the Firewall Client?

Will enabling this bypass the control?

Won't they be forced to be a Web Client and the Firewall client will only be
used for other apps?

I enabled the Redirector once before and our Citrix ICA clients stopped
working.


Thanks for all your help!

Rick

List Sponsored by Aspelle
Aspelle's Microsoft-centric, Aspelle Everywhere, leverages ISA server and
the Internet to quickly and cost-effectively manage and deliver secure,
client-less access to all corporate applications (Web, Unix, Windows and
legacy systems), for all users.
More info at http://www.aspelle.com/info

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » HTTP Redirector that rejects all HTTP traffic
• » Re: HTTP Redirector that rejects all HTTP traffic
• » Re: HTTP Redirector that rejects all HTTP traffic
• » Re: HTTP Redirector that rejects all HTTP traffic

1. Home
2. isalist
3. Archive
4. 12-2002

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---