RE: Javascript through ISA 2004...

• From: "Ted Doholis" <tdoholis@xxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Tue, 22 Feb 2005 19:11:03 -0500

So if I understand correctly, if I unbind the web proxy filter from the
HTTP protocol, the FWC will not use it for connections but the web proxy
clients will unless the direct access rule is invoked?

Ted 

-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
Sent: Tuesday, February 22, 2005 7:05 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Javascript through ISA 2004...

http://www.ISAserver.org

Hi Ted,

No! Not true. Web proxy clients will always use the Web proxy filter
unless you exclude sites using Direct Access.

That's why you should always configure clients as Web proxy clients and
Firewall clients (server's in general aren't clients, so you don't
install the Firewall client on them).

HHT<
Tom 

-----Original Message-----
From: Ted D [mailto:tdoholis@xxxxxxxxxxxxx] 
Sent: Tuesday, February 22, 2005 2:05 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Javascript through ISA 2004...

http://www.ISAserver.org

Hi Tom, 

Thanks for the explanation. This is an extremely drastic move (remove
the web proxy filter) from the HTTP protocol! It works but isnt there a
way to exclude it for certain connections or something? this solution
basically lobotomizes ISA  and its features....

Thanks
TD

> Hi Ted,
> 
> My bad. :)
> 
> That's the part of the Direct Access piece you need to do to make sure

> you completely bypass the Web proxy.=20
> 
> Direct Access configuration is aimed at completely bypassing the Web 
> proxy. The autoconfig script informs the Web proxy clients configured 
> to use it to not remote the Web connection to the Web proxy filter via

> an HTTP tunneled request to TCP 8080 on the clients local Web proxy 
> listener.
> 
> However, if the HTTP protocol is bound to the Web proxy filter, 
> Firewall clients, and even the lowly, low security SecureNAT client 
> will be pushed up to the filter. So, in order to get the functionality

> you had with the old HTTP Redirectory Filter, you need to unbind the 
> filter from the protocol.
> 
> Note that this also disables the HTTP Security Filter interface, but 
> it does not disable the Web proxy filter or the HTTP filter for 
> clients configured as Web proxy clients.
> 
> HTH,=20
> 
> 
> Tom
> www.isaserver.org/shinder
> Tom and Deb Shinder's Configuring ISA Server 2004
> http://tinyurl.com/3xqb7
> MVP -- ISA Firewalls
> 
> 
> -----Original Message-----
> From: Ted D [mailto:tdoholis@xxxxxxxxxxxxx]=20
> Sent: Tuesday, February 22, 2005 1:11 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Javascript through ISA 2004...
> 
> http://www.ISAserver.org
> 
> Hi Tom,=20
> 
> You hit the nail on the head. If I unbind the web proxy filter from 
> HTTP, everything works perfect.....but what does that mean really?? ;)
> 
> Thanks
> TD
> 
> > Hi Ted,
> >=20
> > OK, try one more thing just to "make sure" its not the ISA firewall.
> > Unbind the Web proxy filter from the HTTP protocol and (for some
> reason
> > I can't think of right now), remove authentication requirements for

> >access that site.
> >=20
> > This is sounding like a MIME registration issue to me now. ? 
> >:-\=3D20 =20 =20  Tom  www.isaserver.org/shinder  Tom and Deb 
> >Shinder's Configuring ISA Server 2004
> > http://tinyurl.com/3xqb7
> > MVP -- ISA Firewalls
> >=20
> >=20
> > -----Original Message-----
> > From: Ted D [mailto:tdoholis@xxxxxxxxxxxxx]=3D20
> > Sent: Tuesday, February 22, 2005 10:49 AM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: Javascript through ISA 2004...
> >=20
> > http://www.ISAserver.org
> >=20
> > Hi Tom,=3D20
> >=20
> > I have now got the whole range in the direct access rule and
> everything
> > shows an IP rather than a URL. I still have the same problem though

> >where  most times you click on the link, you are prompted to open or 
> >save the  jsp  file rather than it linking to another page. BTW this 
> >is ISA 2004,  clients  are XP with all 3 connection methods.
> >=20
> > Thanks
> > TD
> >=20
> > > Hi Ted,
> > >=3D20
> > > I can't test directly, because I don't have a log on. However, if
> > you're
> > > seeing IP addresses and URLs, that indicates the the IP addresses
> are
> > > the ones most likely using Direct Access, and the URLs are not,
> since
> > > only the Web proxy client will show URLs in the log. So, double
> check
> > > that the URL sites are also configured for Direct Access.
> > >=3D20
> > > You *might* have to restart the client computer in order to get 
> > >the
> > new
> > > autoconfig script pulled down from the firewall.=3D3D20 =3D20 
> > >=3D20  Tom  www.isaserver.org/shinder  Tom and Deb Shinder's 
> > >Configuring ISA Server 2004
> > > http://tinyurl.com/3xqb7
> > > MVP -- ISA Firewalls
> > >=3D20
> > >=3D20
> > > -----Original Message-----
> > > From: Ted D [mailto:tdoholis@xxxxxxxxxxxxx]=3D3D20
> > > Sent: Tuesday, February 22, 2005 9:51 AM
> > > To: [ISAserver.org Discussion List]
> > > Subject: [isalist] RE: Javascript through ISA 2004...
> > >=3D20
> > > http://www.ISAserver.org
> > >=3D20
> > > Hi Tom,
> > >=3D20
> > > The site is ingrammicro.com. when you are logged in and have done 
> > >a  search  on a product, you can click on the item for real time 
> > >price and
> avail.
> > > detail and this is the jsp link. I can see that the content comes
> from
> > > multiple places and sometimes they are identified by IP rather 
> > > than
> > the
> > > DNS name etc. but dont really know how to identify what the exact

> > >problem  is as the url never changes so all you ever see in IE is  
> > >http://ca.ingrammicro.com/.....
> > >=3D20
> > > Thanks
> > > TD
> > >=3D20
> > > > Hi Ted,
> > > >=3D3D20
> > > > I forgot number 5 on  my list:
> > > >=3D3D20
> > > > 5. What specific sites don't work =3D3D20
> > > > :-)
> > > >=3D3D20
> > > > Really, its impossible to tell what's wrong without being able 
> > > >to
> > > check
> > > > out the actual site. The ISA firewall has no problem with
> > Javascript,
> > > > it's the specific site that's problematic, or the client
> > > configuration.
> > > >=3D3D20
> > > > HTH,=3D3D3D20
> > > >=3D3D20
> > > >=3D3D20
> > > > Tom
> > > > www.isaserver.org/shinder
> > > > Tom and Deb Shinder's Configuring ISA Server 2004
> > > > http://tinyurl.com/3xqb7
> > > > MVP -- ISA Firewalls
> > > >=3D3D20
> > > >=3D3D20
> > > > -----Original Message-----
> > > > From: Ted D [mailto:tdoholis@xxxxxxxxxxxxx]=3D3D3D20
> > > > Sent: Tuesday, February 22, 2005 9:42 AM
> > > > To: [ISAserver.org Discussion List]
> > > > Subject: [isalist] Javascript through ISA 2004...
> > > >=3D3D20
> > > > http://www.ISAserver.org
> > > >=3D3D20
> > > > I am having trouble getting javascript to work correctly through
> ISA
> > > > 2004.
> > > > FWC is installed and I have a direct access rule for the site. I
> see
> > > > that
> > > > the traffic is identified by the rule and it is allowed but 
> > > > about
> > 90%
> > > of
> > > > the time you get a pop up asking you if you want to open or save
> the
> > > jsp
> > > > file. even stranger is the other 10% of the time that it 
> > > > actually
> > > opens
> > > > the correct page.
> > > >=3D3D20
> > > > Has anyone had this problem? How did you solve it?
> > > >=3D3D20
> > > > ------------------------------------------------------
> > > > List Archives:
> > http://www.webelists.com/cgi/lyris.pl?enter=3D3D3D3Disalist
> > > > ISA Server Newsletter:
> http://www.isaserver.org/pages/newsletter.asp
> > > > ISA Server FAQ: =3D3D
> > > http://www.isaserver.org/pages/larticle.asp?type=3D3D3D3DFAQ
> > > > ------------------------------------------------------
> > > > Other Internet Software Marketing Sites:
> > > > World of Windows Networking: http://www.windowsnetworking.com 
> > > > Leading Network Software Directory: http://www.serverfiles.com
> > > > No.1 Exchange Server Resource Site: http://www.msexchange.org 
> > > > Windows Security Resource Site: http://www.windowsecurity.com/ 
> > > > Network Security Library: http://www.secinf.net/ Windows 2000/NT

> > > > Fax Solutions: http://www.ntfaxfaq.com
> > > > ------------------------------------------------------
> > > > You are currently subscribed to this ISAserver.org Discussion 
> > > > List
> > as:
> > > > tshinder@xxxxxxxxxxxxxxxxxx
> > > > To unsubscribe visit =3D3D3D
> > > > http://www.webelists.com/cgi/lyris.pl?enter=3D3D3D3Disalist
> > > > Report abuse to listadmin@xxxxxxxxxxxxx
> > >=3D20
> > > ------------------------------------------------------
> > > List Archives:
> http://www.webelists.com/cgi/lyris.pl?enter=3D3D3Disalist
> > > ISA Server Newsletter: 
> > > http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server FAQ: =3D
> > http://www.isaserver.org/pages/larticle.asp?type=3D3D3DFAQ
> > > ------------------------------------------------------
> > > Other Internet Software Marketing Sites:
> > > World of Windows Networking: http://www.windowsnetworking.com 
> > > Leading Network Software Directory: http://www.serverfiles.com
> > > No.1 Exchange Server Resource Site: http://www.msexchange.org 
> > > Windows Security Resource Site: http://www.windowsecurity.com/ 
> > > Network Security Library: http://www.secinf.net/ Windows 2000/NT 
> > > Fax Solutions: http://www.ntfaxfaq.com
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org Discussion List
> as:
> > > tshinder@xxxxxxxxxxxxxxxxxx
> > > To unsubscribe visit =3D3D
> > > http://www.webelists.com/cgi/lyris.pl?enter=3D3D3Disalist
> > > Report abuse to listadmin@xxxxxxxxxxxxx
> >=20
> > ------------------------------------------------------
> > List Archives: 
> >http://www.webelists.com/cgi/lyris.pl?enter=3D3Disalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: =
> http://www.isaserver.org/pages/larticle.asp?type=3D3DFAQ
> > ------------------------------------------------------
> > Other Internet Software Marketing Sites:
> > World of Windows Networking: http://www.windowsnetworking.com 
> > Leading Network Software Directory: http://www.serverfiles.com
> > No.1 Exchange Server Resource Site: http://www.msexchange.org 
> > Windows Security Resource Site: http://www.windowsecurity.com/ 
> > Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax

> > Solutions: http://www.ntfaxfaq.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List
as:
> > tshinder@xxxxxxxxxxxxxxxxxx
> > To unsubscribe visit =3D
> > http://www.webelists.com/cgi/lyris.pl?enter=3D3Disalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=3DFAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com Leading 
> Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org Windows 
> Security Resource Site: http://www.windowsecurity.com/ Network 
> Security Library: http://www.secinf.net/ Windows 2000/NT Fax 
> Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe visit =
> http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tdoholis@xxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts:

• » Javascript through ISA 2004...
• » RE: Javascript through ISA 2004...
• » RE: Javascript through ISA 2004...
• » RE: Javascript through ISA 2004...
• » RE: Javascript through ISA 2004...
• » RE: Javascript through ISA 2004...
• » RE: Javascript through ISA 2004...
• » RE: Javascript through ISA 2004...
• » RE: Javascript through ISA 2004...
• » RE: Javascript through ISA 2004...
• » RE: Javascript through ISA 2004...
• » RE: Javascript through ISA 2004...
• » RE: Javascript through ISA 2004...
• » RE: Javascript through ISA 2004...
• » RE: Javascript through ISA 2004...
• » RE: Javascript through ISA 2004...
• » RE: Javascript through ISA 2004...
• » RE: Javascript through ISA 2004...
• » RE: Javascript through ISA 2004...
• » RE: Javascript through ISA 2004...
• » RE: Javascript through ISA 2004...
• » RE: Javascript through ISA 2004...
• » RE: Javascript through ISA 2004...
• » RE: Javascript through ISA 2004...

1. Home
2. isalist
3. Archive
4. 02-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---