Mark, How do I eliminate "anonymous" from my "web sessions". Have a W2k domain and an using the firewall client, on the firewall session I see username and Client fine but cant figure out the web session. Any help here appreciated. Thanks Bob Garrison Jefferson County Library Central Services 3021 High Ridge Blvd. High Ridge, MO 63049 636-677-8689 email: bgarrison@xxxxxxxxxxxxxxxxxxxxxxx <mailto:bgarrison@xxxxxxxxxxxxxxxxxxxxxxx> "It all comes down to a check box" -----Original Message----- From: Mark [mailto:marcoswelker@xxxxxxxxxxx] Sent: Monday, September 16, 2002 3:15 PM To: [ISAserver.org Discussion List] Subject: [isalist] IE - Authentication prompt once http://www.ISAserver.org Hi Guys, I´m dealing with an organization with 90.000 workstations and ISA Server will be the proxy solution. I´ve had some problems concerning MSN, ICQ etc... but it´s now solved (for more info, see att. at the end of the message). Users can access all sites and use all protocols (no problem with that). Problem: Users are being asked for authorization The first time the use IE. After this first login their credentials are stored and they are not asked for U.ID. and PSW anymore. Scenario: - W2K domain. - All clients use Firewall Client software. - Site and Protocol rules are wide open and based on groups. - The is only one Deny rule to a specific site. - "Ask unauthenticated users for identification" is checked. - Logs are perfect and you see no "anonimous" users. Please, if you could help I´d be very grateful. I´m approaching the project´s deadline. Thanks, Mark ---------------------------------------------------------- There are two problems in this situation: 1. In ISA Management, application filters, there´s one filter called: "HTTP redirector filter". If you check out it´s properties you´ll see that it redirects your firewall requests to web proxy requests cancelling your authentication. This way MSN, Yahoo, ICQ won´t pass through ISA. Set if for "Send to requested Web server". 2. There´s a BUG in the Firewall client application. Uncheck "Automatically detect ISA Server". After doing this configuration, you´ll see that a small green ball with a white point in it will appear on the Firewall client ICON. Hope this will help. ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: bgarrison@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')