http://www.ISAserver.org ------------------------------------------------------- round??? wtf! > Well, I already suggested putting a DHCP server on the red VLAN - that > solves all your problems -- you get the keep them on the red VLAN until > they are clean, and you can use DHCP to configure the proxy/wpad and all > of your dreams will come true! > > > > t > > > > P.S. It's not hard at all for me to say "I don't know." You're > thinking of Jim :0 Quite often there are things that I don't know, or > things that I think I know that I am wrong about: it both instances, I > embrace those occasions as it provides me with an opportunity to learn > -- which is why I'm on this big, round, blue/green ball. > > > > > > > > > > > > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] > On Behalf Of Ruba Al-Omari > Sent: Thursday, January 17, 2008 1:38 PM > To: isalist@xxxxxxxxxxxxx > Subject: [isalist] Re: No proxy, > > > > My clean access server knows about the ISA and so do my clients, they > can access the internet, but they have to go to the options in IE and > write down the proxy and port then they are connected. > Once my clients are on the green vlan my real DHCP gives their IPs, in > which case I use group policy to direct them to the correct ISA. > I can't allow my real DHCP to assign IPs to these clients as they are > not allowed to access the network till they are clean :) > > The magic solution am seeking here is to allow my red vlan users who are > getting their DHCP from the wireless controller which can't have the ISA > as their default GW to reach the internet without having them > configuring their proxies, and since there is no magic solution then I > can see now that it can't be done, I really just thought you guys know > something that I don't (which is the magic solution am seeking), > especially you Thor, you are the hammer of god, you must know something > that we all don't, or else how did you get in such a senior position up > there? :) > > I know as a man its hard for you to say "I don't know" but I discovered > now that you can't say "it can't be done " too :) because saying "it > can't be done" might implicitly mean that there might be something that > you don't know :) > > anyways I guess they will have to live with it, after all configuring a > proxy takes less then a minute. > > > > Thanks, > Ruba > > > > ________________________________ > > From: isalist-bounce@xxxxxxxxxxxxx on behalf of Steve Moffat > Sent: Thu 1/17/2008 11:40 PM > To: ISA Mailing List > Subject: [isalist] Re: No proxy, > > You're my hero....NOT!! > > > > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] > On Behalf Of Thor (Hammer of God) > Sent: Thursday, January 17, 2008 4:31 PM > To: ISA Mailing List > Subject: [isalist] Re: No proxy, > > > > Yeah - not sure what "magic" solution is being sought here... > > > > Either point the clients to the ISA as SNAT clients or configure the > clients via DNS, etc... If the problem is that they get their config > from the wireless device, then don't do that... Turn off DHCP on that > guy and set up your own DHCP server on that segment or set up a DHCP > relay... Easy 'nuff.... > > > > t > > > > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] > On Behalf Of Steve Moffat > Sent: Thursday, January 17, 2008 11:37 AM > To: ISA Mailing List > Subject: [isalist] Re: No proxy, > > > > Well, you will have to find a way. Your clean access network still needs > a route to your Internet Gateway. If it doesn't know about it, then > neither will your wireless clients and they will never get out to the > internet. > > > > This isn't an ISA issue, it's a networking issue. > > > > S > > > > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] > On Behalf Of Ruba Al-Omari > Sent: Thursday, January 17, 2008 5:24 AM > To: ISA Mailing List > Subject: [isalist] Re: No proxy, > > > > I can't do that, I need the gateway to be the network clean access > server, which asses the users laptops when they need to connect to the > network resources. > > Thanks, > Ruba > > > > ________________________________ > > From: isalist-bounce@xxxxxxxxxxxxx on behalf of Steve Moffat > Sent: Thu 1/17/2008 1:39 AM > To: ISA Mailing List > Subject: [isalist] Re: No proxy, > > The gateway for the wireless controller needs to be the ISA's IP > address. > > > > S > > > > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] > On Behalf Of Ruba Al-Omari > Sent: Wednesday, January 16, 2008 6:16 PM > To: ISA Mailing List > Subject: [isalist] Re: No proxy, > > > > Thank you steve, > The clients don't get the IPs from my Windows DHCP server, they get it > from the wireless controller, in my case I have a red vlan where users > are allowed only to access the internet with a rule that takes them to > the proxy without having to be compliant, if they need to access other > network resources then they are redirected to the remedy server and > checked for compliance and then issued an IP from my real DHCP, but in > this case where I don't want them to have to put the proxy they only > need to access the internet and do not have access to my network. > > the wireless controllers DHCP options are very limited, but is there a > workaround this? > > > > ________________________________ > > From: isalist-bounce@xxxxxxxxxxxxx on behalf of Steve Moffat > Sent: Tue 1/8/2008 11:30 PM > To: ISA Mailing List > Subject: [isalist] Re: No proxy, > > Indeed, is your DHCP server not supplying the gateway address?? > > > > Use the ISA auto configuration in DNS > > > > S > > > > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] > On Behalf Of Ruba Al-Omari > Sent: Tuesday, January 08, 2008 4:23 PM > To: ISA Mailing List > Subject: [isalist] No proxy, > > > > Hi, > > > > Is there a way to let my users browse the internet without having them > put the ISA server's IP in their internet explorer? and without having > to install a firewall client. > > The case is I have wireless network, and I like the users to start > browsing once they are connected (after authentication), however these > users laptops are their own, so they are not part of my domain and I > have no control over them with the group policy, if they put the proxy > IP manually in their IE every thing works fine, but I want them not to > have to do that, any advice? > > > > Thanks, > > > -- > Ruba Al-Omari > > > > -- > Ruba Al-Omari > > ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx