Yep, look like your correct, diden't see that before..... code 407 :) -brendan -----Original Message----- From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] Sent: Tuesday, 9 October 2001 9:56 AM To: [ISAserver.org Discussion List] Subject: [isalist] Re: Logfiles http://www.ISAserver.org All browsers use anonymous connection to start with and may actually make 3 or 4 such attempts before they finally decide to provide authentication. ISA logs each and every connection, regardless of authentication state. Thus, you get anonymous connection attempts in the logs, resulting in anonymous entries in the reports. Jim Harrison MCP(2K), A+, Network+, PCG ----- Original Message ----- From: "brendan.davey" <brendan.davey@xxxxxxxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Monday, October 08, 2001 15:47 Subject: [isalist] Logfiles http://www.ISAserver.org Does anyone have any ideas why anonymous is still appearing in my web logs.... I have web filters that state only domain users can get out. If you search around the anonymous entries you can eventually find a real user etc that relates to the site being visited. but still it's very frustrating. I've ticked the box to force unauthenticated users to authenticate! (under outgoing web requests) The ISA box is using members from NT 4.0 domains, of which it's a member of one, which trusts another. -thanks ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: brendan.davey@xxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')