RE: ISA 2004 SP2 and Direct Access
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Wed, 8 Feb 2006 12:27:15 -0600
Hi Tiago,
Perhaps. If you depend on your Direct Access list (and who doesn't?). Its
already caused me some lost hours of sleep, but I haven't characterized it as
well as Stefaan has, since I've found workarounds for the problem. I don't want
to do an article on it until the problem has been characterized better by MS. I
*suspect* its a known problem internally, but they don't want to say anything
until they have a fix or workaround.
Tom
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
MVP -- ISA Firewalls
________________________________
From: Tiago de Aviz [mailto:Tiago@xxxxxxxxxxxxxxx]
Sent: Wednesday, February 08, 2006 12:03 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2004 SP2 and Direct Access
http://www.ISAserver.org
I guess I'll hold the SP2 upgrade 'till this is settled =)
Tiago de Aviz
SoftSell - Curitiba
(41) 3340-2363
www.softsell.com.br
Esta mensagem, incluindo seus anexos, tem caráter confidencial e seu conteúdo é
restrito ao destinatário da mensagem. Caso você tenha recebido esta mensagem
por engano, queira por favor retorná-la ao destinatário e apagá-la de seus
arquivos. Qualquer uso não autorizado, replicação ou disseminação desta
mensagem ou parte dela é expressamente proibido. A SoftSell não é responsável
pelo conteúdo ou a veracidade desta informação.
>>> tshinder@xxxxxxxxxxx 8/2/2006 15:21 >>>
http://www.ISAserver.org
Hi Stefaan,
Ha! I thought I was going crazy when I kept saying that SP2 broke Direct
Access. I'm glad you're seeing the same thing. I thought perhaps it was
something whack with my test bed.
Tom
Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
-----Original Message-----
From: Stefaan Pouseele [mailto:Stefaan.Pouseele@xxxxxxx]
Sent: Wednesday, February 08, 2006 10:42 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] ISA 2004 SP2 and Direct Access
http://www.ISAserver.org
Hey guys,
There is a change in behavior if you configure sites for direct access
(ISA Internal Network properties -> Web Browser). It doesn't work the
same as in SP1!
This is the configuration: a workstation with the Firewall client
installed and IE configured with the routing script.
1. If you configure only the IP range for direct access:
a) a request by FQDN in IE is sent as a Web Proxy client request.
b) a request by IP in IE is sent as a Firewall client request.
2. If you configure only the domain for direct access:
a) a request by FQDN in IE is sent as a Web Proxy client request.
b) a request by IP in IE is sent as a Web Proxy client request.
3. If you configure both the domain *and* the corresponding IP range for
direct access:
a) a request by FQDN in IE is sent as a Firewall client request.
b) a request by IP in IE is sent as a Firewall client request.
So, the question is obviously why is for case 2.a the request not sent
as a Firewall client request (this was the behavior in SP1)?
Is this a bug and is there a workaround other than adding the
corresponding IP range?
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
