Thanks for the hasty reply Tom, if I'm not mistaken, I'm think I am studying one of your books at the moment. It is a pleasure to hear from someone who has contributed so much to the industry. Guys, I hope the following paragraph sums up the problem easily, let me know if the description is clear or not... The problem I was trying to communicate before was the fact that my web browser gives a 407 (proxy Auth error) when I try to visit a page like hotmail.com (just to clarify, I'm not trying to access the hotmail server through outlook express, but merely trying to browse to the page 'hotmail.com' and others like it). I have defined the appropriate destination set, but yet the user still gets the 407 error. Another site that this happens with is 'oztips.com' - for some reason, just allowing that domain in my destination sets still does not let them access that site through the ISA server. For simpler sites (like 'whitepages.com.au'), I only have to add the URL into the destination set AND THEN IT WORKS PERFECTLY. There in lies my problem. Does the different architecture of a site mean you have to be more specific with ISA configurations? Many thanks to you for reading this far. I hope your thoughts can shed some light on my situation. Appreciatively, Adam -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] Sent: Wednesday, 6 August 2003 09:34 To: [ISAserver.org Discussion List] Subject: [isalist] Re: ISA server newbie question http://www.ISAserver.org Hi Adam, If you're talking about logging into Hotmail, the issue is that the wrong credentials are sent to the Hotmail server. http://support.microsoft.com/default.aspx?scid=http://support.microsoft. com:80/support/kb/articles/q287/9/21.ASP&NoWebContent=1 HTH, Tom Thomas W Shinder www.isaserver.org/shinder ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp -----Original Message----- From: Adam Hearne [mailto:adam.hearne@xxxxxxxxxxxxxxxxxxxx] Sent: Tuesday, August 05, 2003 6:18 PM To: [ISAserver.org Discussion List] Subject: [isalist] Re: ISA server newbie question http://www.ISAserver.org Jim, You are right! It is in cache made, I only have those four protocol defs. So would this explain why I can't give people access to some sites that I list in the allowed "destination set"? To elaborate on what I mean... We can give people access to any site by adding it in their list of allowed destinations, but every now and then, I find a site that I can't make accessible for the user e.g. ninemsn.com.au , for some reason appending it to the 'allowed destination' sets still doesn't let the user access that site. I carried out some packet sniffing on the connections to these sites and noticed one thing in common: NTLM, an example... a packet issuing the http GET command also has NTLMSSP_NEGOTIATE information encapsulated, it is these HTTP requests that get blocked by my ISA even if I have that domain allowed. Would this be a protocol issue? Cheers guys, Adam Brisbane, Australia -----Original Message----- From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] Sent: Tuesday, 5 August 2003 12:42 To: [ISAserver.org Discussion List] Subject: [isalist] Re: ISA server newbie question http://www.ISAserver.org How many protocol defs are in the list? If you only have four (HTTP, HTTPS, FTP, Gopher), then your ISA is running in Cache mode. Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://www.microsoft.com/isaserver http://isaserver.org/Jim_Harrison http://isatools.org Read the help, books and articles! ----- Original Message ----- From: "Adam" <adam.hearne@xxxxxxxxxxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Monday, August 04, 2003 18:46 Subject: [isalist] ISA server newbie question http://www.ISAserver.org Hi guys, Firstly I would like to say that I am happy to have stumbled upon such a leading edge message board. This is my first job in IT administration and in using ISA Server. My question is one which hopefully I can look back on with you guys and laugh about once it is solved. It goes a little something like this... I am unable to create a new protocol definition. We had some contractors in the other day and the ISA Server has a few suttle differences. E.g. When I go to the action menu for the 'protocol definitions' item, the drop down list does not give me the option "New > " . I can only select View or Refresh. In an attempt to provide more detail on this problem... if I try to edit an existing protocol definition, all the fields a greyed-out and un-editable. I can edit all other items within the policy elements section i.e., I can create a new Schedule, Set, Group or Dial-up entry, but cannot create new Protocol Definitions. Has anyone had this problem before? Is this just a matter of a simple checkbox somewhere in ISA thats gives the option -> "Annoy the new Network Admin after handover" Thanks in advance for any time spent on your replies. Adam ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: adam.hearne@xxxxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: adam.hearne@xxxxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')