Hi Ravesh, The answer is to configure the sites for Direct Access. HTH, Tom -----Original Message----- From: Ramdhari, Ravesh [mailto:ravesh@xxxxxxxxxxxxxxxxx] Sent: Wednesday, September 01, 2004 1:35 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: ISA 2000 Cache Mode http://www.ISAserver.org Good morning guys. This is where we are. The isa server is installed natted private/public address. If pc's don't use the proxy then they are able to use MSN. All pc's are behind a pix 515 firewall. After chatting to Ricky from ISAserver.org yesterday. He also mentioned that I should bypass the proxy by setting up IM to pass traffic thru to the Pix. I will be testing this today and will send out an update. As per Troy: If it's in Cache only mode, then there isn't a firewall to stop it from Working. I agree the isa server in my opinion should not be blocking this as the server is in Cache mode. However when user browse via the pix they don't have issues. Meaning the pix ports are opened. Still don't understand why it gets blocked. I have an idea that the ISA is designed in a way that if you say "All destinations" then only applies to destinations listed in Protocol definitions. Thank guys for the assistance. Ravesh -----Original Message----- From: Troy Radtke [mailto:TRadtke@xxxxxxxxxxxx] Sent: Tuesday, August 31, 2004 8:04 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: ISA 2000 Cache Mode http://www.ISAserver.org So there are known issues with running ISA in cache only mode with IM clients? I thought that the ISA wouldn't do anything then. Just pass the data through onto the next default gateway.\ Sorry if I'm having a major brain disconnect on this, but I want to make sure I'm understanding..... -----Original Message----- From: Quillman Shawn (RBNA/CSA1) * [mailto:Shawn.Quillman@xxxxxxxxxxxx] Sent: Tuesday, August 31, 2004 12:14 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: ISA 2000 Cache Mode http://www.ISAserver.org Regardless of what ports are in use http requests would get sent to whatever proxy the client is configured for. If it's the ISA then there'll be issues. I agree with you on the other firewall thing. If there's another firewall product in the mix here then configure it to be the IM gateway and unconfig the ISA from the clients. -Shawn ----- Shawn R. Quillman Robert Bosch Corporation RBNA/CSA1 38000 Hills Tech Drive Farmington Hills, MI 48331 (248) 553-1164 (P) (248) 848-6969 (F) shawn.quillman@xxxxxxxxxxxx -----Original Message----- From: Troy Radtke [mailto:TRadtke@xxxxxxxxxxxx] Sent: Tuesday, August 31, 2004 12:42 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: ISA 2000 Cache Mode http://www.ISAserver.org OK, I see your point about the client forwarding HTTP requests, but I thought that IM clients run on their own ports? If they're defaulting to port 80, then I'd say there's another firewall involved that should be reconfigured to better support them, and not shove it off to the proxy system to do support for it. Man, I need another soda.... -----Original Message----- From: Quillman Shawn (RBNA/CSA1) * [mailto:Shawn.Quillman@xxxxxxxxxxxx] Sent: Tuesday, August 31, 2004 11:29 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: ISA 2000 Cache Mode http://www.ISAserver.org It is the ISA if the clients are set to forward HTTP requests to the ISA. But that's just the http part of Messenger. In this case you'd have to hope that the upstream firewall supports the messenger protocols to use the full feature set of messenger. ----- Shawn R. Quillman Robert Bosch Corporation RBNA/CSA1 38000 Hills Tech Drive Farmington Hills, MI 48331 (248) 553-1164 (P) (248) 848-6969 (F) shawn.quillman@xxxxxxxxxxxx -----Original Message----- From: Troy Radtke [mailto:TRadtke@xxxxxxxxxxxx] Sent: Tuesday, August 31, 2004 12:26 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: ISA 2000 Cache Mode http://www.ISAserver.org Well, if there was an upstream doing the blocking, it's still not the proxy ISA that's causing the issue. This probably should be attacked from a different angle (i.e. your upstream firewall causing the issue) Or am I way off the mark? On call this week and not a lot of sleep last night...... I might be in my own little world today..... -----Original Message----- From: Quillman Shawn (RBNA/CSA1) * [mailto:Shawn.Quillman@xxxxxxxxxxxx] Sent: Tuesday, August 31, 2004 11:23 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: ISA 2000 Cache Mode http://www.ISAserver.org You're assuming that there is not an upstream firewall that the ISA is passing traffic to. Messenger does its thing mainly over http so the ISA would need to be configured to allow things through (which may or may not happen depending on what features of Messenger are desired - see Greg's msg below). Unless the ISA is bypassed, obviously, but I would assume that's not the desire here. My guess is that Greg is correct. Ixnay on the ideovay. -Shawn ----- Shawn R. Quillman Robert Bosch Corporation RBNA/CSA1 38000 Hills Tech Drive Farmington Hills, MI 48331 (248) 553-1164 (P) (248) 848-6969 (F) shawn.quillman@xxxxxxxxxxxx -----Original Message----- From: Troy Radtke [mailto:TRadtke@xxxxxxxxxxxx] Sent: Tuesday, August 31, 2004 12:16 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: ISA 2000 Cache Mode http://www.ISAserver.org If it's in Cache only mode, then there isn't a firewall to stop it from working. Sounds like you have another issue.... Think of ISA in this case as a network bridge with a hard drive.... -----Original Message----- From: Ramdhari, Ravesh [mailto:ravesh@xxxxxxxxxxxxxxxxx] Sent: Tuesday, August 31, 2004 8:52 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: ISA 2000 Cache Mode http://www.ISAserver.org Hi Greg, I will test this and let you know. However I don't need voice and video, so here's a plus for now. Thanks -----Original Message----- From: Greg Mulholland [mailto:greg@xxxxxxxxxxxxxx] Sent: Tuesday, August 31, 2004 2:09 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: ISA 2000 Cache Mode http://www.ISAserver.org <rant>Obviously we need to make it easier for people to find the right information, short of running "search the web classes" because this topic comes up as much as anything else and the answer is always the same. </rant> Get Jim's msnim.zip file and run the extracted script on your ISA. This will create the necessary protocols for MSN. However, since you didn't say, I'll assume you want to use voice and video, well here's the thing, you cant. Messenger voice and video uses SIP which ISA as yet, doesn't support. Until then your toast, unless of course the person initiating the call is not behind a NAT service, like ISA or some kind of NAT firewall. If you want voice and video try net meeting, works well with ISA. Greg -----Original Message----- From: Ravesh [mailto:Ravesh@xxxxxxxxxxxxxxxxx] Sent: Tuesday, August 31, 2004 10:51 PM To: [ISAserver.org Discussion List] Subject: [isalist] ISA 2000 Cache Mode http://www.ISAserver.org Good day All I have an ISA 2000 server that has ISA SP2 installed. The server is setup in Cache/Proxy mode and now I need to get MSN messenger working thru the server. Please assist. Many thanks Ravesh ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: shawn.quillman@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tradtke@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: shawn.quillman@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tradtke@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: shawn.quillman@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tradtke@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: Ravesh@xxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx