Re: ISA server newbie question

• From: "Adam Hearne" <adam.hearne@xxxxxxxxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Wed, 6 Aug 2003 10:47:37 +1000

Thanks for the hasty reply Tom, if I'm not mistaken, I'm think I am
studying one of your books at the moment.  It is a pleasure to hear from
someone who has contributed so much to the industry.

Guys, I hope the following paragraph sums up the problem easily, let me
know if the description is clear or not...

The problem I was trying to communicate before was the fact that my web
browser gives a 407 (proxy Auth error) when I try to visit a page like
hotmail.com (just to clarify, I'm not trying to access the hotmail
server through outlook express, but merely trying to browse to the page
'hotmail.com' and others like it).  I have defined the appropriate
destination set, but yet the user still gets the 407 error.  Another
site that this happens with is 'oztips.com' - for some reason, just
allowing that domain in my destination sets still does not let them
access that site through the ISA server.  For simpler sites (like
'whitepages.com.au'), I only have to add the URL into the destination
set AND THEN IT WORKS PERFECTLY.  There in lies my problem.  Does the
different architecture of a site mean you have to be more specific with
ISA configurations?

Many thanks to you for reading this far.  I hope your thoughts can shed
some light on my situation.

Appreciatively,

Adam



-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] 
Sent: Wednesday, 6 August 2003 09:34
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: ISA server newbie question


http://www.ISAserver.org


Hi Adam,

If you're talking about logging into Hotmail, the issue is that the
wrong credentials are sent to the Hotmail server.

http://support.microsoft.com/default.aspx?scid=http://support.microsoft.
com:80/support/kb/articles/q287/9/21.ASP&NoWebContent=1

HTH,
Tom
Thomas W Shinder
www.isaserver.org/shinder 
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp

 


-----Original Message-----
From: Adam Hearne [mailto:adam.hearne@xxxxxxxxxxxxxxxxxxxx] 
Sent: Tuesday, August 05, 2003 6:18 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: ISA server newbie question


http://www.ISAserver.org


Jim,

You are right! It is in cache made, I only have those four protocol
defs.

So would this explain why I can't give people access to some sites that
I list in the allowed "destination set"?  To elaborate on what I mean...
We can give people access to any site by adding it in their list of
allowed destinations, but every now and then, I find a site that I can't
make accessible for the user e.g. ninemsn.com.au , for some reason
appending  it to the 'allowed destination' sets still doesn't let the
user access that site.  I carried out some packet sniffing on the
connections to these sites and noticed one thing in common: NTLM, an
example... a packet issuing the http GET command also has
NTLMSSP_NEGOTIATE information encapsulated, it is these HTTP requests
that get blocked by my ISA even if I have that domain allowed.  Would
this be a protocol issue?

Cheers guys,

Adam

Brisbane, Australia


-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] 
Sent: Tuesday, 5 August 2003 12:42
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: ISA server newbie question


http://www.ISAserver.org


How many protocol defs are in the list?
If you only have four (HTTP, HTTPS, FTP, Gopher), then your ISA is
running in Cache mode.


 Jim Harrison
 MCP(NT4, W2K), A+, Network+, PCG  http://www.microsoft.com/isaserver
 http://isaserver.org/Jim_Harrison
 http://isatools.org

 Read the help, books and articles!
----- Original Message ----- 
From: "Adam" <adam.hearne@xxxxxxxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Monday, August 04, 2003 18:46
Subject: [isalist] ISA server newbie question


http://www.ISAserver.org


Hi guys,

Firstly I would like to say that I am happy to have stumbled upon such a
leading edge message board.

This is my first job in IT administration and in using ISA Server. My
question is one which hopefully I can look back on with you guys and
laugh about once it is solved.  It goes a little something like this...

I am unable to create a new protocol definition.  We had some
contractors in the other day and the ISA Server has a few suttle
differences. E.g. When I go to the action menu for the 'protocol
definitions' item, the drop down list does not give me the option "New >
" .  I can only select View or Refresh.  In an attempt to provide more
detail on this problem... if I try to edit an existing protocol
definition, all the fields a greyed-out and un-editable. I can edit all
other items within the policy elements section i.e., I can create a new
Schedule, Set, Group or Dial-up entry, but cannot create new Protocol
Definitions.

Has anyone had this problem before?  Is this just a matter of a simple
checkbox somewhere in ISA thats gives the option -> "Annoy the new
Network Admin after handover"

Thanks in advance for any time spent on your replies.

Adam

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com No.1
Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com No.1
Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
adam.hearne@xxxxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com No.1
Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com No.1
Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
adam.hearne@xxxxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')

Other related posts:

• » ISA server newbie question
• » Re: ISA server newbie question
• » Re: ISA server newbie question
• » Re: ISA server newbie question
• » Re: ISA server newbie question
• » Re: ISA server newbie question
• » Re: ISA server newbie question
• » Re: ISA server newbie question
• » Re: ISA server newbie question
• » Re: ISA server newbie question
• » Re: ISA server newbie question
• » Re: ISA server newbie question
• » Re: ISA server newbie question

1. Home
2. isalist
3. Archive
4. 08-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---