The discussion centers on "autoconfiguration". This functionality is based on a request for http://wpad/wpad.dat from the browser and http://wpad/wspad.dat from the FWC. This is why I want you to examine the wpad.dat. You still have not answered the browser question. You still have not provided unfiltered log entries. This isn't magic, Roy and I don't read minds. I do tire of playing oral surgeon, though. -----Original Message----- From: Roy Tsao [mailto:roy_tsao@xxxxxxxxxxxx] Sent: Thursday, May 26, 2005 9:04 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Help with the web proxy setup in ISA 2004 http://www.ISAserver.org Dear Harrison-san, The setting of my present VM lab ISA box is: - Access rules only two: 1) allow internal to external/all protocol /all users 2) deny all as default - Internal Network Property: <Firewall Client> [CHECK] Enable Firewall Client support [UNCHECK] Auto detect setting [CHECK] Auto config script [SELECT] Use custom URL = http://isalocal.firewall.local:8080... [UNCHECK] Use a Web Proxy Server <Domain> *.firewall.local <Web Brower> [CHECK] Bypass Proxy for Web server in this network [CHECK] Directly Access computer specified in the Domain tab. Directly Access server & domain: *.firewall.local <Web Proxy> [CHECK] Enable Web proxy client [CHECK] HTTP at 8080 Authentication: [CHECK] Integrated/ Require All User to authenticate <Auto Discovery> No setting <Address> 10.0.0.0-10.0.0.255 Web browser setting at client end will be automatically configured by FCW setting and become WebProxy client for HTTP. I don't know why I need a wpad.dat since no auto discocery. > Please stop trimming the thread. > > I advise that you provide more than a single modified log entry. > I can't help you if you insist on filtering the data. > > Additional questions: > Q1 - exactly how is the browser configured? > Q2 - exactly what is the web proxy configuration for the Internal > network? > Q3 - when you do receive the wpad.dat file, exactly what data is found > between "{" and "}" in: > "function MakeIPs" > And > "function MakeNames()" > > > -----Original Message----- > From: Roy Tsao [mailto:roy_tsao@xxxxxxxxxxxx] > Sent: Thursday, May 26, 2005 3:22 AM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: Help with the web proxy setup in ISA 2004 > > http://www.ISAserver.org > > I did understand your points, also I have took a examin at whole > logs before & after changing from FQDN to hostname. > > Anyhow, when FQDN is used, there is POPUP asking for authentication, > could you advise any possible reason? > > Thanks, > > Roy Tsao > > > Try not to "filter" the log data. > "Imaginary" information is useless. > If you have a problem sending it to the list, then you need to rethink > your security model. > "Security by obscurity is no security at all". > > Also, you should examine more than a single log entry - it's just as > likely that you're looking at the wrong one. > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > World of Windows Networking: http://www.windowsnetworking.com > Leading Network Software Directory: http://www.serverfiles.com > No.1 Exchange Server Resource Site: http://www.msexchange.org > Windows Security Resource Site: http://www.windowsecurity.com/ > Network Security Library: http://www.secinf.net/ > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > jim@xxxxxxxxxxxx > To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > All mail to and from this domain is GFI-scanned. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned.