http://www.ISAserver.org ------------------------------------------------------- Will it still enter that data into the msde database? -----Original Message----- From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas W Shinder Sent: Tuesday, March 28, 2006 11:28 AM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: [ISAserver.org Discussion List] Re: webchaining. http://www.ISAserver.org ------------------------------------------------------- Hi Mike, Yes, you can do that. Change the logging format to .txt and then uninstall the "Advanced Logging" by running the ISA add/remove process. Thomas W Shinder, M.D. Site: www.isaserver.org Blog: http://blogs.isaserver.org/shinder/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls > -----Original Message----- > From: isalist-bounce@xxxxxxxxxxxxx > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Michael Ross > Sent: Tuesday, March 28, 2006 11:15 AM > To: isalist@xxxxxxxxxxxxx > Subject: [isalist] Re: [ISAserver.org Discussion List] Re: > webchaining. > > http://www.ISAserver.org > ------------------------------------------------------- > > Here's what could help me out. > Can I enable the downstream proxy to log to a text file? If I do that, > would nothing get saved in the MSDE database? > I could tail that txt file each day to watch where the users are > going. > > -----Original Message----- > From: isalist-bounce@xxxxxxxxxxxxx > [mailto:isalist-bounce@xxxxxxxxxxxxx] > On Behalf Of Thomas W Shinder > Sent: Tuesday, March 28, 2006 8:45 AM > To: isalist@xxxxxxxxxxxxx > Subject: [isalist] Re: [ISAserver.org Discussion List] Re: > webchaining. > > http://www.ISAserver.org > ------------------------------------------------------- > > Hi Mike, > > Be careful. You need to configure the downstreams to use a specific > account to auth to the upstream. The branch office users will not be > authing with the upstream. The branch office ISA firewall itself will > authenticating itself with the upstream -- the users won't. > > Thomas W Shinder, M.D. > Site: www.isaserver.org > Blog: http://blogs.isaserver.org/shinder/ > Book: http://tinyurl.com/3xqb7 > MVP -- ISA Firewalls > > > > > -----Original Message----- > > From: isalist-bounce@xxxxxxxxxxxxx > > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Michael Ross > > Sent: Tuesday, March 28, 2006 8:41 AM > > To: isalist@xxxxxxxxxxxxx > > Subject: [isalist] Re: [ISAserver.org Discussion List] Re: > > webchaining. > > > > http://www.ISAserver.org > > ------------------------------------------------------- > > > > So, if I enable authentication at the upstream AND > downstream proxies, > > > a user wont get prompted to authenticate over and over? Ill give it > > shot now and let u know what happens. > > If it works, that would give me one way to back track to > the original > > IP\User > > > > -----Original Message----- > > From: isalist-bounce@xxxxxxxxxxxxx > > [mailto:isalist-bounce@xxxxxxxxxxxxx] > > On Behalf Of Thomas W Shinder > > Sent: Tuesday, March 28, 2006 8:38 AM > > To: isalist@xxxxxxxxxxxxx > > Subject: [isalist] Re: [ISAserver.org Discussion List] Re: > > webchaining. > > > > http://www.ISAserver.org > > ------------------------------------------------------- > > > > No, it shouldn't. At least it hasn't the last time I tested and > > deployed it. > > > > Thomas W Shinder, M.D. > > Site: www.isaserver.org > > Blog: http://blogs.isaserver.org/shinder/ > > Book: http://tinyurl.com/3xqb7 > > MVP -- ISA Firewalls > > > > > > > > > -----Original Message----- > > > From: isalist-bounce@xxxxxxxxxxxxx > > > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Michael Ross > > > Sent: Tuesday, March 28, 2006 8:26 AM > > > To: isalist@xxxxxxxxxxxxx > > > Subject: [isalist] Re: [ISAserver.org Discussion List] Re: > > > webchaining. > > > > > > http://www.ISAserver.org > > > ------------------------------------------------------- > > > > > > Correct me if im wrong, but wont that cause multiple > authentication > > > boxes? > > > > > > > > > -----Original Message----- > > > From: isalist-bounce@xxxxxxxxxxxxx > > > [mailto:isalist-bounce@xxxxxxxxxxxxx] > > > On Behalf Of Jim Harrison > > > Sent: Tuesday, March 28, 2006 8:18 AM > > > To: isalist@xxxxxxxxxxxxx > > > Subject: [isalist] Re: [ISAserver.org Discussion List] Re: > > > webchaining. > > > > > > http://www.ISAserver.org > > > ------------------------------------------------------- > > > > > > Here's a Q forya: > > > - why are you only authenticating on the upstream proxy? > > > You should *always* authenticate closest to the user / > > domain making > > > the request. > > > > > > -----Original Message----- > > > From: isalist-bounce@xxxxxxxxxxxxx > > > [mailto:isalist-bounce@xxxxxxxxxxxxx] > > > On Behalf Of Michael Ross > > > Sent: Tuesday, March 28, 2006 5:41 AM > > > To: isalist@xxxxxxxxxxxxx > > > Subject: [isalist] Re: [ISAserver.org Discussion List] Re: > > > webchaining. > > > > > > lets take this one step further. > > > on my upstream proxy, i see the logs rolling by, and i see > > usernames > > > and the IP address of the downstream proxy. > > > ok, so that is what it is.. however, when viewing the > > monitoring tab > > > on the downstream proxy, I only see 'anonymous' on every session. > > > How could one correlate those 'anonymouses' with the actual > > user ID in > > > > > the event that you need to trace back web activity to a > > user\IPaddress > > > > > combo? > > > i only have authentication required on the upstream proxy, > > otherwise, > > > the users get prompted over and over to authenticate to get > > out to the > > > > > web. > > > > > > ________________________________ > > > > > > From: isalist-bounce@xxxxxxxxxxxxx > > > [mailto:isalist-bounce@xxxxxxxxxxxxx] > > > On Behalf Of Thomas W Shinder > > > Sent: Tuesday, March 21, 2006 3:36 PM > > > To: isalist@xxxxxxxxxxxxx > > > Subject: [ISAserver.org Discussion List] Re: webchaining. > > > > > > > > > Hi Mike, > > > > > > Listen here little feller: > > > > > > If the Web Proxy Filter handles the request, then the source IP > > > address will always be the IP address of the ISA firewall. > > > > > > I'll stand by that until I have a chance to test it, or Jim > > tells me > > > I'm wrong :) > > > > > > Tom > > > > > > Thomas W Shinder, M.D. > > > Site: www.isaserver.org <http://www.isaserver.org/> > > > Blog: http://blogs.isaserver.org/shinder/ > > > Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> > > MVP -- ISA > > > Firewalls > > > > > > > > > > > > > > > ________________________________ > > > > > > From: isalist-bounce@xxxxxxxxxxxxx > > > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Michael Ross > > > Sent: Tuesday, March 21, 2006 3:18 PM > > > To: isalist@xxxxxxxxxxxxx > > > Subject: [ISAserver.org Discussion List] Re: webchaining. > > > > > > > > > on my upstream proxy, the before the firewall, its set to Route, > > not > > > NAT. > > > if it was set to NAT, the upstream proxy's IP was shown. > > > so, i was hoping my downstream would show the client IP > > > > > > ________________________________ > > > > > > From: isalist-bounce@xxxxxxxxxxxxx > > > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas > W Shinder > > > Sent: Tuesday, March 21, 2006 2:58 PM > > > To: isalist@xxxxxxxxxxxxx > > > Subject: [ISAserver.org Discussion List] Re: webchaining. > > > > > > > > > Yep, that is weird. > > > > > > Thomas W Shinder, M.D. > > > Site: www.isaserver.org <http://www.isaserver.org/> > > > Blog: http://blogs.isaserver.org/shinder/ > > > Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> > > > MVP -- ISA Firewalls > > > > > > > > > > > > > > > ________________________________ > > > > > > From: isalist-bounce@xxxxxxxxxxxxx > > > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Michael Ross > > > Sent: Tuesday, March 21, 2006 2:40 PM > > > To: isalist@xxxxxxxxxxxxx > > > Subject: [ISAserver.org Discussion List] Re: > > > webchaining. > > > > > > > > > ya know i think its just odd. > > > right now my upstream proxy sends the client IP to the > > firewall.. > > > > > > ________________________________ > > > > > > From: isalist-bounce@xxxxxxxxxxxxx > > > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas > W Shinder > > > Sent: Tuesday, March 21, 2006 2:22 PM > > > To: isalist@xxxxxxxxxxxxx > > > Subject: [ISAserver.org Discussion List] Re: > > > webchaining. > > > > > > > > > You can't have it both ways. If you want to use the > > local Web proxy, > > > you must accept the source IP address being that of the > > downstream ISA > > > > > firewall. > > > > > > Thomas W Shinder, M.D. > > > Site: www.isaserver.org <http://www.isaserver.org/> > > > Blog: http://blogs.isaserver.org/shinder/ > > > Book: http://tinyurl.com/3xqb7 > > > <http://tinyurl.com/3xqb7> > > > MVP -- ISA Firewalls > > > > > > > > > > > > > > > ________________________________ > > > > > > From: isalist-bounce@xxxxxxxxxxxxx > > > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Michael Ross > > > Sent: Tuesday, March 21, 2006 2:18 PM > > > To: isalist@xxxxxxxxxxxxx > > > Subject: [ISAserver.org Discussion List] Re: > > > webchaining. > > > > > > > > > i want them to cache locally, but i want one > > place to watch the > > > activity > > > > > > ________________________________ > > > > > > From: isalist-bounce@xxxxxxxxxxxxx > > > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas > W Shinder > > > Sent: Tuesday, March 21, 2006 2:11 PM > > > To: isalist@xxxxxxxxxxxxx > > > Subject: [ISAserver.org Discussion List] Re: > > > webchaining. > > > > > > > > > What's the point of having them use the local > > proxy? Why not just > > > configure the clients to connect directly to the upstream > Web proxy > > > and bypass proxy on the destination server? Turn off Web > > proxy support > > > > > on the downstream and away you go. > > > > > > Thomas W Shinder, M.D. > > > Site: www.isaserver.org > > > <http://www.isaserver.org/> > > > Blog: http://blogs.isaserver.org/shinder/ > > > Book: http://tinyurl.com/3xqb7 > > > <http://tinyurl.com/3xqb7> > > > MVP -- ISA Firewalls > > > > > > > > > > > > > > > ________________________________ > > > > > > From: isalist-bounce@xxxxxxxxxxxxx > > > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Michael Ross > > > Sent: Tuesday, March 21, 2006 2:06 PM > > > To: isalist@xxxxxxxxxxxxx > > > Subject: [ISAserver.org Discussion List] > > > Re: webchaining. > > > > > > > > > so basically i have to setup something > > to tail what's being > > > entered into the MSDE database as the users hit the web, right? > > > > > > ________________________________ > > > > > > From: isalist-bounce@xxxxxxxxxxxxx > > > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas > W Shinder > > > Sent: Tuesday, March 21, 2006 1:44 PM > > > To: isalist@xxxxxxxxxxxxx > > > Subject: [ISAserver.org Discussion List] > > > Re: webchaining. > > > > > > > > > Yes, but you won't have Web proxy > chaining. You need a ROUTE > > > Network Rule and no Web proxy > > services at > > > the downstream. I.e., no local caching. > > > > > > Thomas W Shinder, M.D. > > > Site: www.isaserver.org > > > <http://www.isaserver.org/> > > > Blog: > > > http://blogs.isaserver.org/shinder/ > > > Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> > > > MVP -- ISA Firewalls > > > > > > > > > > > > > > > ________________________________ > > > > > > From: > > > isalist-bounce@xxxxxxxxxxxxx > > [mailto:isalist-bounce@xxxxxxxxxxxxx] On > > > Behalf Of Michael Ross > > > Sent: Tuesday, March 21, 2006 > > > 12:04 PM > > > To: isalist@xxxxxxxxxxxxx > > > Subject: [ISAserver.org > > > Discussion List] Re: webchaining. > > > > > > > > > any way to have it log the IP address of the actual client on > > > the upstream ISA? it would make monitoring the clients so much > > > easier. > > > > > > ________________________________ > > > > > > From: > > > isalist-bounce@xxxxxxxxxxxxx > > [mailto:isalist-bounce@xxxxxxxxxxxxx] On > > > Behalf Of Thomas W Shinder > > > Sent: Tuesday, March 21, 2006 > > > 11:49 AM > > > To: isalist@xxxxxxxxxxxxx > > > Subject: [ISAserver.org > > > Discussion List] Re: webchaining. > > > > > > > > > Hi Mike, > > > > > > That's expected and what's > > > supposed to happen. > > > > > > Thomas W Shinder, M.D. > > > Site: www.isaserver.org > > > <http://www.isaserver.org/> > > > Blog: > > > http://blogs.isaserver.org/shinder/ > > > Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> > > > MVP -- ISA Firewalls > > > > > > > > > > > > > > > ________________________________ > > > > > > From: > > > isalist-bounce@xxxxxxxxxxxxx > > [mailto:isalist-bounce@xxxxxxxxxxxxx] On > > > Behalf Of Michael Ross > > > Sent: Tuesday, March 21, > > > 2006 11:38 AM > > > To: > > > isalist@xxxxxxxxxxxxx > > > Subject: [ISAserver.org > > > Discussion List] webchaining. > > > > > > > > > Another question. > > > > > > When I watch my logs on > > > the upstream proxy, I see users coming thru with the IP > > address of the > > > > > downstream proxy, not of the client they are on. > > > > > > Thoughts? > > > > > > > > > All mail to and from this domain is GFI-scanned. > > > > > > ------------------------------------------------------ > > > List Archives: //www.freelists.org/archives/isalist/ > > > ISA Server Newsletter: > http://www.isaserver.org/pages/newsletter.asp > > > ISA Server Articles and Tutorials: > > > http://www.isaserver.org/articles_tutorials/ > > > ISA Server Blogs: http://blogs.isaserver.org/ > > > ------------------------------------------------------ > > > Visit TechGenix.com for more information about our other sites: > > > http://www.techgenix.com > > > ------------------------------------------------------ > > > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > ------------------------------------------------------ > > > List Archives: //www.freelists.org/archives/isalist/ > > > ISA Server Newsletter: > http://www.isaserver.org/pages/newsletter.asp > > > ISA Server Articles and Tutorials: > > > http://www.isaserver.org/articles_tutorials/ > > > ISA Server Blogs: http://blogs.isaserver.org/ > > > ------------------------------------------------------ > > > Visit TechGenix.com for more information about our other sites: > > > http://www.techgenix.com > > > ------------------------------------------------------ > > > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > > > > > > ------------------------------------------------------ > > List Archives: //www.freelists.org/archives/isalist/ > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server Articles and Tutorials: > > http://www.isaserver.org/articles_tutorials/ > > ISA Server Blogs: http://blogs.isaserver.org/ > > ------------------------------------------------------ > > Visit TechGenix.com for more information about our other sites: > > http://www.techgenix.com > > ------------------------------------------------------ > > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > ------------------------------------------------------ > > List Archives: //www.freelists.org/archives/isalist/ > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server Articles and Tutorials: > > http://www.isaserver.org/articles_tutorials/ > > ISA Server Blogs: http://blogs.isaserver.org/ > > ------------------------------------------------------ > > Visit TechGenix.com for more information about our other sites: > > http://www.techgenix.com > > ------------------------------------------------------ > > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > > ------------------------------------------------------ > List Archives: //www.freelists.org/archives/isalist/ > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server Articles and Tutorials: > http://www.isaserver.org/articles_tutorials/ > ISA Server Blogs: http://blogs.isaserver.org/ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > Report abuse to listadmin@xxxxxxxxxxxxx > > ------------------------------------------------------ > List Archives: //www.freelists.org/archives/isalist/ > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server Articles and Tutorials: > http://www.isaserver.org/articles_tutorials/ > ISA Server Blogs: http://blogs.isaserver.org/ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > Report abuse to listadmin@xxxxxxxxxxxxx > > > ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx