[isalist] Re: ISA 2006 Secure Internet Access - AD User list

• From: "Thor (Hammer of God)" <thor@xxxxxxxxxxxxxxx>
• To: "isalist@xxxxxxxxxxxxx" <isalist@xxxxxxxxxxxxx>
• Date: Sun, 24 Sep 2006 01:30:05 -0700

Are the users FW clients, proxy clients or SNAT clients?  SNAT clients can
only be controlled by IP, not group membership...  When the users are being
denied, what does the log say?

t


On 9/24/06 1:17 AM, "Gene Sibbs" <gen_sib@xxxxxxxxx> spoketh to all:

> Greetings,
>   
>  
>   
> I have asked this Q before, but I am stumbling a bit.
>   
>  
>   
> Management wants to see which sites users have been accessing.
>   
>  
>   
> Action:
>   
>  
>   
> In Active Directory I created ³Allow Internet Access², and then populated this
> group with a list of users.
>   
>  
>   
> In ISA Server Management ­ Firewall Policy ­ I created an internet access rule
> called ³Allow Web traffic to Internet² this rule applies to ftp, http, and
> https protocols.  From ³internal, localhost²  - TO ³external².
>   
>  
>   
> Created New User Set called ³Allow Internet Access² and then added windows
> group I created in AD called ³Allow Internet Access².
>   
>  
>   
> Under user sets I removed ³All Users², and left Allow Internet Access. This
> kills all the access to the internet period.
>   
>  
>   
> Where am I messing up here?
>   
>  
>   
> Please point me to the right hill.
>   
>  
>   
> Thanks 
>   
>  
>   
> Gene
>   
>  
>  
> 
> Get your email and more, right on the  new Yahoo.com
> <http://us.rd.yahoo.com/evt=42973/*http://www.yahoo.com/preview>

• References:
  • [isalist] ISA 2006 Secure Internet Access - AD User list
    • From: Gene Sibbs

Other related posts:

• » [isalist] ISA 2006 Secure Internet Access - AD User list
• » [isalist] Re: ISA 2006 Secure Internet Access - AD User list

1. Home
2. isalist
3. Archive
4. 09-2006

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---