RE: ISA 2004 webproxy traffic

• From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Tue, 31 May 2005 07:48:00 -0700

Web Proxy traffic is unique because ISA handles it at two separate level
(web proxy and firewall) where other protocols (FTP, SMTP, etc.) are
only handled by the firewall.
Trust me - you *want* this additional logging.

You can't "install" web proxy and SecureNET clients - they're
configuration settings.

-----Original Message-----
From: tim S [mailto:tim724342@xxxxxxxxx] 
Sent: Tuesday, May 31, 2005 7:42 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] ISA 2004 webproxy traffic

http://www.ISAserver.org 
Hi,
 
When I look at the firewall log for webproxy traffic, I see two lines
per web request.  One line is for traffic from the client to Local Host
Network (ISA's internal NIC on port 8080).  A second line is for the
traffic from Local Host Network (Primary IP number on external NIC) to
the destination webserver.  Is there anyway I can have the ISA log only
the internal client IP to the destination webserver IP?  Also, it shows
protocol as "unidentified IP traffic" as 8080 is not a well defined port
number.  
 
Other protocols (or non-webproxy related traffics)  shows a single line
with client IP and destination server's IP.  My clients have all three
ISA clients installed.  Thanks
 
    

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com
------------------------------------------------------ List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server
Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server
FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------ Other Internet
Software Marketing Sites: World of Windows Networking:
http://www.windowsnetworking.com Leading Network Software Directory:
http://www.serverfiles.com No.1 Exchange Server Resource Site:
http://www.msexchange.org Windows Security Resource Site:
http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------ You are currently
subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To
unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

All mail to and from this domain is GFI-scanned.

Other related posts:

• » ISA 2004 webproxy traffic
• » RE: ISA 2004 webproxy traffic
• » RE: ISA 2004 webproxy traffic

1. Home
2. isalist
3. Archive
4. 05-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---