RE: Javascript through ISA 2004...

  • From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Tue, 22 Feb 2005 13:14:52 -0600

Hi Ted,

My bad. :)

That's the part of the Direct Access piece you need to do to make sure
you completely bypass the Web proxy. 

Direct Access configuration is aimed at completely bypassing the Web
proxy. The autoconfig script informs the Web proxy clients configured to
use it to not remote the Web connection to the Web proxy filter via an
HTTP tunneled request to TCP 8080 on the clients local Web proxy
listener.

However, if the HTTP protocol is bound to the Web proxy filter, Firewall
clients, and even the lowly, low security SecureNAT client will be
pushed up to the filter. So, in order to get the functionality you had
with the old HTTP Redirectory Filter, you need to unbind the filter from
the protocol.

Note that this also disables the HTTP Security Filter interface, but it
does not disable the Web proxy filter or the HTTP filter for clients
configured as Web proxy clients.

HTH, 


Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls


-----Original Message-----
From: Ted D [mailto:tdoholis@xxxxxxxxxxxxx] 
Sent: Tuesday, February 22, 2005 1:11 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Javascript through ISA 2004...

http://www.ISAserver.org

Hi Tom, 

You hit the nail on the head. If I unbind the web proxy filter from
HTTP,
everything works perfect.....but what does that mean really?? ;)

Thanks
TD

> Hi Ted,
> 
> OK, try one more thing just to "make sure" its not the ISA firewall.
> Unbind the Web proxy filter from the HTTP protocol and (for some
reason
> I can't think of right now), remove authentication requirements for
> access that site.
> 
> This is sounding like a MIME registration issue to me now. ? :-\=20
> 
> 
> Tom
> www.isaserver.org/shinder
> Tom and Deb Shinder's Configuring ISA Server 2004
> http://tinyurl.com/3xqb7
> MVP -- ISA Firewalls
> 
> 
> -----Original Message-----
> From: Ted D [mailto:tdoholis@xxxxxxxxxxxxx]=20
> Sent: Tuesday, February 22, 2005 10:49 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Javascript through ISA 2004...
> 
> http://www.ISAserver.org
> 
> Hi Tom,=20
> 
> I have now got the whole range in the direct access rule and
everything
> shows an IP rather than a URL. I still have the same problem though
> where
> most times you click on the link, you are prompted to open or save the
> jsp
> file rather than it linking to another page. BTW this is ISA 2004,
> clients
> are XP with all 3 connection methods.
> 
> Thanks
> TD
> 
> > Hi Ted,
> >=20
> > I can't test directly, because I don't have a log on. However, if
> you're
> > seeing IP addresses and URLs, that indicates the the IP addresses
are
> > the ones most likely using Direct Access, and the URLs are not,
since
> > only the Web proxy client will show URLs in the log. So, double
check
> > that the URL sites are also configured for Direct Access.
> >=20
> > You *might* have to restart the client computer in order to get the
> new
> > autoconfig script pulled down from the firewall.=3D20
> >=20
> >=20
> > Tom
> > www.isaserver.org/shinder
> > Tom and Deb Shinder's Configuring ISA Server 2004
> > http://tinyurl.com/3xqb7
> > MVP -- ISA Firewalls
> >=20
> >=20
> > -----Original Message-----
> > From: Ted D [mailto:tdoholis@xxxxxxxxxxxxx]=3D20
> > Sent: Tuesday, February 22, 2005 9:51 AM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: Javascript through ISA 2004...
> >=20
> > http://www.ISAserver.org
> >=20
> > Hi Tom,
> >=20
> > The site is ingrammicro.com. when you are logged in and have done a
> > search
> > on a product, you can click on the item for real time price and
avail.
> > detail and this is the jsp link. I can see that the content comes
from
> > multiple places and sometimes they are identified by IP rather than
> the
> > DNS name etc. but dont really know how to identify what the exact
> > problem
> > is as the url never changes so all you ever see in IE is
> > http://ca.ingrammicro.com/.....
> >=20
> > Thanks
> > TD
> >=20
> > > Hi Ted,
> > >=3D20
> > > I forgot number 5 on  my list:
> > >=3D20
> > > 5. What specific sites don't work
> > >=3D20
> > > :-)
> > >=3D20
> > > Really, its impossible to tell what's wrong without being able to
> > check
> > > out the actual site. The ISA firewall has no problem with
> Javascript,
> > > it's the specific site that's problematic, or the client
> > configuration.
> > >=3D20
> > > HTH,=3D3D20
> > >=3D20
> > >=3D20
> > > Tom
> > > www.isaserver.org/shinder
> > > Tom and Deb Shinder's Configuring ISA Server 2004
> > > http://tinyurl.com/3xqb7
> > > MVP -- ISA Firewalls
> > >=3D20
> > >=3D20
> > > -----Original Message-----
> > > From: Ted D [mailto:tdoholis@xxxxxxxxxxxxx]=3D3D20
> > > Sent: Tuesday, February 22, 2005 9:42 AM
> > > To: [ISAserver.org Discussion List]
> > > Subject: [isalist] Javascript through ISA 2004...
> > >=3D20
> > > http://www.ISAserver.org
> > >=3D20
> > > I am having trouble getting javascript to work correctly through
ISA
> > > 2004.
> > > FWC is installed and I have a direct access rule for the site. I
see
> > > that
> > > the traffic is identified by the rule and it is allowed but about
> 90%
> > of
> > > the time you get a pop up asking you if you want to open or save
the
> > jsp
> > > file. even stranger is the other 10% of the time that it actually
> > opens
> > > the correct page.
> > >=3D20
> > > Has anyone had this problem? How did you solve it?
> > >=3D20
> > > ------------------------------------------------------
> > > List Archives:
> http://www.webelists.com/cgi/lyris.pl?enter=3D3D3Disalist
> > > ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server FAQ: =3D
> > http://www.isaserver.org/pages/larticle.asp?type=3D3D3DFAQ
> > > ------------------------------------------------------
> > > Other Internet Software Marketing Sites:
> > > World of Windows Networking: http://www.windowsnetworking.com
> > > Leading Network Software Directory: http://www.serverfiles.com
> > > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > > Windows Security Resource Site: http://www.windowsecurity.com/
> > > Network Security Library: http://www.secinf.net/
> > > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org Discussion List
> as:
> > > tshinder@xxxxxxxxxxxxxxxxxx
> > > To unsubscribe visit =3D3D
> > > http://www.webelists.com/cgi/lyris.pl?enter=3D3D3Disalist
> > > Report abuse to listadmin@xxxxxxxxxxxxx
> >=20
> > ------------------------------------------------------
> > List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=3D3Disalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: =
> http://www.isaserver.org/pages/larticle.asp?type=3D3DFAQ
> > ------------------------------------------------------
> > Other Internet Software Marketing Sites:
> > World of Windows Networking: http://www.windowsnetworking.com
> > Leading Network Software Directory: http://www.serverfiles.com
> > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > Windows Security Resource Site: http://www.windowsecurity.com/
> > Network Security Library: http://www.secinf.net/
> > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List
as:
> > tshinder@xxxxxxxxxxxxxxxxxx
> > To unsubscribe visit =3D
> > http://www.webelists.com/cgi/lyris.pl?enter=3D3Disalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=3DFAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe visit =
> http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 02-2005