RE: ISA 2000 Cache Mode

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Wed, 1 Sep 2004 01:42:17 -0500

Hi Ravesh,

The answer is to configure the sites for Direct Access.

HTH,
Tom 

-----Original Message-----
From: Ramdhari, Ravesh [mailto:ravesh@xxxxxxxxxxxxxxxxx] 
Sent: Wednesday, September 01, 2004 1:35 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2000 Cache Mode

http://www.ISAserver.org

Good morning guys.

This is where we are. 
The isa server is installed natted private/public address. If pc's don't
use the proxy then they are able to use MSN. All pc's are behind a pix
515 firewall.
After chatting to Ricky from ISAserver.org yesterday. He also mentioned
that I should bypass the proxy by setting up IM to pass traffic thru to
the Pix. I will be testing this today and will send out an update.

As per Troy:
If it's in Cache only mode, then there isn't a firewall to stop it from
Working. 

I agree the isa server in my opinion should not be blocking this as the
server is in Cache mode. However when user browse via the pix they don't
have issues. Meaning the pix ports are opened. Still don't understand
why it gets blocked. I have an idea that the ISA is designed in a way
that if you say "All destinations" then only applies to destinations
listed in Protocol definitions.

Thank guys for the assistance.
Ravesh 

-----Original Message-----
From: Troy Radtke [mailto:TRadtke@xxxxxxxxxxxx]
Sent: Tuesday, August 31, 2004 8:04 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2000 Cache Mode

http://www.ISAserver.org

So there are known issues with running ISA in cache only mode with IM
clients?  I thought that the ISA wouldn't do anything then.  Just pass
the data through onto the next default gateway.\

Sorry if I'm having a major brain disconnect on this, but I want to make
sure I'm understanding.....

-----Original Message-----
From: Quillman Shawn (RBNA/CSA1) * [mailto:Shawn.Quillman@xxxxxxxxxxxx]
Sent: Tuesday, August 31, 2004 12:14 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2000 Cache Mode


http://www.ISAserver.org


Regardless of what ports are in use http requests would get sent to
whatever
proxy the client is configured for.  If it's the ISA then there'll be
issues.  I agree with you on the other firewall thing.  If there's
another
firewall product in the mix here then configure it to be the IM gateway
and
unconfig the ISA from the clients.

-Shawn


-----
Shawn R. Quillman
Robert Bosch Corporation RBNA/CSA1
38000 Hills Tech Drive
Farmington Hills, MI 48331
(248) 553-1164 (P) (248) 848-6969 (F) shawn.quillman@xxxxxxxxxxxx

-----Original Message-----
From: Troy Radtke [mailto:TRadtke@xxxxxxxxxxxx] 
Sent: Tuesday, August 31, 2004 12:42 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2000 Cache Mode

http://www.ISAserver.org

OK, I see your point about the client forwarding HTTP requests, but I
thought that IM clients run on their own ports?  If they're defaulting
to
port 80, then I'd say there's another firewall involved that should be
reconfigured to better support them, and not shove it off to the proxy
system to do support for it.

Man, I need another soda....

-----Original Message-----
From: Quillman Shawn (RBNA/CSA1) * [mailto:Shawn.Quillman@xxxxxxxxxxxx]
Sent: Tuesday, August 31, 2004 11:29 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2000 Cache Mode


http://www.ISAserver.org


It is the ISA if the clients are set to forward HTTP requests to the
ISA.
But that's just the http part of Messenger.  In this case you'd have to
hope
that the upstream firewall supports the messenger protocols to use the
full
feature set of messenger. 


-----
Shawn R. Quillman
Robert Bosch Corporation RBNA/CSA1
38000 Hills Tech Drive
Farmington Hills, MI 48331
(248) 553-1164 (P) (248) 848-6969 (F) shawn.quillman@xxxxxxxxxxxx

-----Original Message-----
From: Troy Radtke [mailto:TRadtke@xxxxxxxxxxxx] 
Sent: Tuesday, August 31, 2004 12:26 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2000 Cache Mode

http://www.ISAserver.org

Well, if there was an upstream doing the blocking, it's still not the
proxy
ISA that's causing the issue.  This probably should be attacked from a
different angle (i.e. your upstream firewall causing the issue)

Or am I way off the mark?  On call this week and not a lot of sleep last
night......  I might be in my own little world today.....

-----Original Message-----
From: Quillman Shawn (RBNA/CSA1) * [mailto:Shawn.Quillman@xxxxxxxxxxxx]
Sent: Tuesday, August 31, 2004 11:23 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2000 Cache Mode


http://www.ISAserver.org


You're assuming that there is not an upstream firewall that the ISA is
passing traffic to.  Messenger does its thing mainly over http so the
ISA
would need to be configured to allow things through (which may or may
not
happen depending on what features of Messenger are desired - see Greg's
msg
below).  Unless the ISA is bypassed, obviously, but I would assume
that's
not the desire here. 

My guess is that Greg is correct.  Ixnay on the ideovay.

-Shawn

-----
Shawn R. Quillman
Robert Bosch Corporation RBNA/CSA1
38000 Hills Tech Drive
Farmington Hills, MI 48331
(248) 553-1164 (P) (248) 848-6969 (F) shawn.quillman@xxxxxxxxxxxx

-----Original Message-----
From: Troy Radtke [mailto:TRadtke@xxxxxxxxxxxx] 
Sent: Tuesday, August 31, 2004 12:16 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2000 Cache Mode

http://www.ISAserver.org

If it's in Cache only mode, then there isn't a firewall to stop it from
working.  Sounds like you have another issue....  Think of ISA in this
case
as a network bridge with a hard drive....

-----Original Message-----
From: Ramdhari, Ravesh [mailto:ravesh@xxxxxxxxxxxxxxxxx]
Sent: Tuesday, August 31, 2004 8:52 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2000 Cache Mode


http://www.ISAserver.org

Hi Greg,

I will test this and let you know. However I don't need voice and video,
so
here's a plus for now.

Thanks 

-----Original Message-----
From: Greg Mulholland [mailto:greg@xxxxxxxxxxxxxx] 
Sent: Tuesday, August 31, 2004 2:09 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2000 Cache Mode

http://www.ISAserver.org



<rant>Obviously we need to make it easier for people to find the right
information, short of running "search the web classes" because this
topic
comes up as much as anything else and the answer is always the same. 
</rant>

Get Jim's msnim.zip file and run the extracted script on your ISA. This
will
create the necessary protocols for MSN. However, since you didn't say,
I'll
assume you want to use voice and video, well here's the thing, you cant.
Messenger voice and video uses SIP which ISA as yet, doesn't support.
Until
then your toast, unless of course the person initiating the call is not
behind a NAT service, like ISA or some kind of NAT firewall. If you want
voice and video try net meeting, works well with ISA. 

Greg


-----Original Message-----
From: Ravesh [mailto:Ravesh@xxxxxxxxxxxxxxxxx] 
Sent: Tuesday, August 31, 2004 10:51 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] ISA 2000 Cache Mode

http://www.ISAserver.org

Good day All

I have an ISA 2000 server that has ISA SP2 installed. The server is
setup in
Cache/Proxy mode and now I need to get MSN messenger working thru the
server. Please assist.

Many thanks
Ravesh

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com No.1 Exchange
Server
Resource Site: http://www.msexchange.org Windows Security Resource Site:
http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
shawn.quillman@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com No.1 Exchange
Server
Resource Site: http://www.msexchange.org Windows Security Resource Site:
http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tradtke@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com No.1 Exchange
Server
Resource Site: http://www.msexchange.org Windows Security Resource Site:
http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
shawn.quillman@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com No.1 Exchange
Server
Resource Site: http://www.msexchange.org Windows Security Resource Site:
http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tradtke@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com No.1 Exchange
Server
Resource Site: http://www.msexchange.org Windows Security Resource Site:
http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
shawn.quillman@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com No.1 Exchange
Server
Resource Site: http://www.msexchange.org Windows Security Resource Site:
http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tradtke@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
Ravesh@xxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts:

• » ISA 2000 Cache Mode
• » RE: ISA 2000 Cache Mode
• » RE: ISA 2000 Cache Mode
• » RE: ISA 2000 Cache Mode
• » RE: ISA 2000 Cache Mode
• » RE: ISA 2000 Cache Mode
• » RE: ISA 2000 Cache Mode
• » RE: ISA 2000 Cache Mode
• » RE: ISA 2000 Cache Mode
• » RE: ISA 2000 Cache Mode
• » RE: ISA 2000 Cache Mode
• » RE: ISA 2000 Cache Mode
• » RE: ISA 2000 Cache Mode
• » RE: ISA 2000 Cache Mode
• » RE: ISA 2000 Cache Mode
• » RE: ISA 2000 Cache Mode
• » RE: ISA 2000 Cache Mode
• » RE: ISA 2000 Cache Mode
• » RE: ISA 2000 Cache Mode
• » RE: ISA 2000 Cache Mode

1. Home
2. isalist
3. Archive
4. 09-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---