What firewall version? Thomas W Shinder, M.D. Site: www.isaserver.org Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls > -----Original Message----- > From: Matthew @ Telavoco [mailto:matthew@xxxxxxxxxxxx] > Sent: Friday, September 16, 2005 10:07 AM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: ISA server not relaying clients IP to > web server. > > http://www.ISAserver.org > > Does anyone have any more thoughts on this? > > > -----Original Message----- > From: Matthew @ Telavoco [mailto:matthew@xxxxxxxxxxxx] > Sent: 16 September 2005 00:13 > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: ISA server not relaying clients IP to > web server. > > http://www.ISAserver.org > > Thanks for the reply > > There is no web publishing rule - this server is not meant > for external > access. When someone initially connects to my wireless access > point, my dhcp > server issues them and ip, and when they try to browse, "a > deny all http > access from internal network to external" rule redirects any external > website requests to the web server running on the same > machine. This web > server provides these prospective users with a VPN login once > they've signed > up for the service - VPN users are then given access to the > intenet using an > "allow VPN traffic" rule. > > However, when the clients are initially redirected to the IIS > server running > on the same machine, the IP address of the servers internal network > interface is being used in place of the actual clients address. > > I am unable to create a listener as this would mean that two > programs are > attempting to bind to port 80 to listen for traffic (IIS and > web Listener). > > Hope this sheds more light on my dilemma. > > Kind regards, > > Matthew Dendle > > > -----Original Message----- > From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] > Sent: 15 September 2005 23:11 > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: ISA server not relaying clients IP to > web server. > > http://www.ISAserver.org > > This is what you get with web publishing (reverse proxy). > NAT has absolutely nothing to do with it. > You can change this behavior on a per-rule basis by selecting > "requests > appear to come from the original client" in the "To" tab of the > publishing rule. > > This setting requires that the published server use ISA as the default > route to the Internet. > Basic IP routing applies... > > -----Original Message----- > From: Matthew @ Telavoco [mailto:matthew@xxxxxxxxxxxx] > Sent: Thursday, September 15, 2005 2:48 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: ISA server not relaying clients IP to > web server. > > http://www.ISAserver.org > > Its isa server 2004, running on windows 2003 Enterprise edition > > I just don't see why the client doesn't connect directly to > IIS, rather > than > going through the ISA servers NAT first. At least, I think > that's whats > happening - I cant see any other reason why it would use the > IP address > of > one of its own interfaces rather than just relaying the clients IP > instead. > > Any ideas folks? > > > Matthew Dendle > www.telavoco.com > > -----Original Message----- > From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] > Sent: 15 September 2005 19:43 > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: ISA server not relaying clients IP to > web server. > > http://www.ISAserver.org > > What ISA version - 2000 or 2004? > > -----Original Message----- > From: Matthew [mailto:matthew@xxxxxxxxxxxx] > Sent: Thursday, September 15, 2005 10:16 AM > To: [ISAserver.org Discussion List] > Subject: [isalist] ISA server not relaying clients IP to web server. > > http://www.ISAserver.org > > Hello everyone, > I am hosting a website on the same machine as my ISA server. > The reason > for this is that my isa server is acting as a gateway for a wireless > hotspot - users are redirected to my site, where they sign up > and get a > VPN client login, and are then able to connect to the > internet. This is > all working fine. > > However, I need to know what thier IP address is. > When they connect to the web application (written in ASP) thier Ip > address > always appears to be coming from the isa server itself, and not the > clients IP. The clients IP is completely masked by the NAT firewall > > (for those of you who are familiar with asp, the > server.requestvariables("CLIENT_IP") and "REMOTE_ADDR" and > "HTTP_X_FORWARDED_FOR" all return the address of the ISA > server, not the > client) > > Is there any way i could fix things so that the clients IP > will actually > be forwarded in the environment variables? > > Thanks folks > > Matthew Dendle > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > jim@xxxxxxxxxxxx > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > All mail to and from this domain is GFI-scanned. > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > matthew@xxxxxxxxxxxx > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > jim@xxxxxxxxxxxx > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > All mail to and from this domain is GFI-scanned. > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > matthew@xxxxxxxxxxxx > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > matthew@xxxxxxxxxxxx > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion > List as: tshinder@xxxxxxxxxxxxxxxxxx > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > >