[isalist] Re: No proxy,
- From: "Greg Mulholland" <gmulholland@xxxxxxxxxxxx>
- To: isalist@xxxxxxxxxxxxx
- Date: Fri, 18 Jan 2008 08:09:22 +1000 (EST)
http://www.ISAserver.org
-------------------------------------------------------
round??? wtf!
> Well, I already suggested putting a DHCP server on the red VLAN - that
> solves all your problems -- you get the keep them on the red VLAN until
> they are clean, and you can use DHCP to configure the proxy/wpad and all
> of your dreams will come true!
>
>
>
> t
>
>
>
> P.S. It's not hard at all for me to say "I don't know." You're
> thinking of Jim :0 Quite often there are things that I don't know, or
> things that I think I know that I am wrong about: it both instances, I
> embrace those occasions as it provides me with an opportunity to learn
> -- which is why I'm on this big, round, blue/green ball.
>
>
>
>
>
>
>
>
>
>
>
> From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
> On Behalf Of Ruba Al-Omari
> Sent: Thursday, January 17, 2008 1:38 PM
> To: isalist@xxxxxxxxxxxxx
> Subject: [isalist] Re: No proxy,
>
>
>
> My clean access server knows about the ISA and so do my clients, they
> can access the internet, but they have to go to the options in IE and
> write down the proxy and port then they are connected.
> Once my clients are on the green vlan my real DHCP gives their IPs, in
> which case I use group policy to direct them to the correct ISA.
> I can't allow my real DHCP to assign IPs to these clients as they are
> not allowed to access the network till they are clean :)
>
> The magic solution am seeking here is to allow my red vlan users who are
> getting their DHCP from the wireless controller which can't have the ISA
> as their default GW to reach the internet without having them
> configuring their proxies, and since there is no magic solution then I
> can see now that it can't be done, I really just thought you guys know
> something that I don't (which is the magic solution am seeking),
> especially you Thor, you are the hammer of god, you must know something
> that we all don't, or else how did you get in such a senior position up
> there? :)
>
> I know as a man its hard for you to say "I don't know" but I discovered
> now that you can't say "it can't be done " too :) because saying "it
> can't be done" might implicitly mean that there might be something that
> you don't know :)
>
> anyways I guess they will have to live with it, after all configuring a
> proxy takes less then a minute.
>
>
>
> Thanks,
> Ruba
>
>
>
> ________________________________
>
> From: isalist-bounce@xxxxxxxxxxxxx on behalf of Steve Moffat
> Sent: Thu 1/17/2008 11:40 PM
> To: ISA Mailing List
> Subject: [isalist] Re: No proxy,
>
> You're my hero....NOT!!
>
>
>
> From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
> On Behalf Of Thor (Hammer of God)
> Sent: Thursday, January 17, 2008 4:31 PM
> To: ISA Mailing List
> Subject: [isalist] Re: No proxy,
>
>
>
> Yeah - not sure what "magic" solution is being sought here...
>
>
>
> Either point the clients to the ISA as SNAT clients or configure the
> clients via DNS, etc... If the problem is that they get their config
> from the wireless device, then don't do that... Turn off DHCP on that
> guy and set up your own DHCP server on that segment or set up a DHCP
> relay... Easy 'nuff....
>
>
>
> t
>
>
>
> From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
> On Behalf Of Steve Moffat
> Sent: Thursday, January 17, 2008 11:37 AM
> To: ISA Mailing List
> Subject: [isalist] Re: No proxy,
>
>
>
> Well, you will have to find a way. Your clean access network still needs
> a route to your Internet Gateway. If it doesn't know about it, then
> neither will your wireless clients and they will never get out to the
> internet.
>
>
>
> This isn't an ISA issue, it's a networking issue.
>
>
>
> S
>
>
>
> From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
> On Behalf Of Ruba Al-Omari
> Sent: Thursday, January 17, 2008 5:24 AM
> To: ISA Mailing List
> Subject: [isalist] Re: No proxy,
>
>
>
> I can't do that, I need the gateway to be the network clean access
> server, which asses the users laptops when they need to connect to the
> network resources.
>
> Thanks,
> Ruba
>
>
>
> ________________________________
>
> From: isalist-bounce@xxxxxxxxxxxxx on behalf of Steve Moffat
> Sent: Thu 1/17/2008 1:39 AM
> To: ISA Mailing List
> Subject: [isalist] Re: No proxy,
>
> The gateway for the wireless controller needs to be the ISA's IP
> address.
>
>
>
> S
>
>
>
> From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
> On Behalf Of Ruba Al-Omari
> Sent: Wednesday, January 16, 2008 6:16 PM
> To: ISA Mailing List
> Subject: [isalist] Re: No proxy,
>
>
>
> Thank you steve,
> The clients don't get the IPs from my Windows DHCP server, they get it
> from the wireless controller, in my case I have a red vlan where users
> are allowed only to access the internet with a rule that takes them to
> the proxy without having to be compliant, if they need to access other
> network resources then they are redirected to the remedy server and
> checked for compliance and then issued an IP from my real DHCP, but in
> this case where I don't want them to have to put the proxy they only
> need to access the internet and do not have access to my network.
>
> the wireless controllers DHCP options are very limited, but is there a
> workaround this?
>
>
>
> ________________________________
>
> From: isalist-bounce@xxxxxxxxxxxxx on behalf of Steve Moffat
> Sent: Tue 1/8/2008 11:30 PM
> To: ISA Mailing List
> Subject: [isalist] Re: No proxy,
>
> Indeed, is your DHCP server not supplying the gateway address??
>
>
>
> Use the ISA auto configuration in DNS
>
>
>
> S
>
>
>
> From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
> On Behalf Of Ruba Al-Omari
> Sent: Tuesday, January 08, 2008 4:23 PM
> To: ISA Mailing List
> Subject: [isalist] No proxy,
>
>
>
> Hi,
>
>
>
> Is there a way to let my users browse the internet without having them
> put the ISA server's IP in their internet explorer? and without having
> to install a firewall client.
>
> The case is I have wireless network, and I like the users to start
> browsing once they are connected (after authentication), however these
> users laptops are their own, so they are not part of my domain and I
> have no control over them with the group policy, if they put the proxy
> IP manually in their IE every thing works fine, but I want them not to
> have to do that, any advice?
>
>
>
> Thanks,
>
>
> --
> Ruba Al-Omari
>
>
>
> --
> Ruba Al-Omari
>
>
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
- » [isalist] No proxy,
- » [isalist] Re: No proxy,
- » [isalist] Re: No proxy,
- » [isalist] Re: No proxy,
- » [isalist] Re: No proxy,
- » [isalist] Re: No proxy,
- » [isalist] Re: No proxy,
- » [isalist] Re: No proxy,
- » [isalist] Re: No proxy,
- » [isalist] Re: No proxy,
- » [isalist] Re: No proxy,
- » [isalist] Re: No proxy,
- » [isalist] Re: No proxy,
- » [isalist] Re: No proxy,
- » [isalist] Re: No proxy,
- » [isalist] Re: No proxy,
- » [isalist] Re: No proxy,
