Hmmm. Never thought of it that way. Good point. Thomas W Shinder, M.D. Site: www.isaserver.org Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls **Who is John Galt?** > -----Original Message----- > From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] > Sent: Thursday, November 03, 2005 8:44 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] Re: Publishing the Web Proxy listener > > http://www.ISAserver.org > > Maybe if they spent the nickels, they'd have a pot..? > =^p > > ------------------------------------------------------- > Jim Harrison > MCP(NT4, W2K), A+, Network+, PCG > http://isaserver.org/Jim_Harrison/ > http://isatools.org > Read the help / books / articles! > ------------------------------------------------------- > > > -----Original Message----- > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] > Sent: Thursday, November 03, 2005 18:30 > To: [ISAserver.org Discussion List] > Subject: [isalist] Re: Publishing the Web Proxy listener > > http://www.ISAserver.org > > Hey Jim, > > From what I hear, small biz doesn't have a pot to p*ss in or > two nickles > to rub against each other. So maybe it would work :\/P > > Thomas W Shinder, M.D. > Site: www.isaserver.org > Blog: http://spaces.msn.com/members/drisa/ > Book: http://tinyurl.com/3xqb7 > MVP -- ISA Firewalls > **Who is John Galt?** > > > > > -----Original Message----- > > From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] > > Sent: Thursday, November 03, 2005 8:24 PM > > To: [ISAserver.org Discussion List] > > Subject: [isalist] Re: Publishing the Web Proxy listener > > > > http://www.ISAserver.org > > > > Ew. > > > > ..and if they're that cheap, they also have a dynamic IP. > > How do we propose to limit access to the WPR if you can't > > "allow only"? > > Can we say "publish your wpad and wspad data to the Internet"? > > > > ------------------------------------------------------- > > Jim Harrison > > MCP(NT4, W2K), A+, Network+, PCG > > http://isaserver.org/Jim_Harrison/ > > http://isatools.org > > Read the help / books / articles! > > ------------------------------------------------------- > > > > > > -----Original Message----- > > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] > > Sent: Thursday, November 03, 2005 17:19 > > To: [ISAserver.org Discussion List] > > Subject: [isalist] Re: Publishing the Web Proxy listener > > > > http://www.ISAserver.org > > > > Hey Jim, > > > > How about this scenario: > > > > Branch office is connected to the Internet through something like a > > Sonicsquall NAT device. They don't have a site to site VPN > > with the main > > office. > > > > The main office uses an edge ISA firewall, or maybe a back-end ISA > > firewall, and wants to publish the ISA firewall's internal-side (not > > necessarily part of the default Internet Network) listener to > > the branch > > office users. Maybe the SOHO NAT device used at the branch > offices can > > do some sort of PBR (I wish the ISA firewall could do that!) > > to forward > > all outbound HTTP connections to an IP address that forwards the > > connections to the IP address publishing the Web listener. > > > > Or, instead of bringing the crapware NAT device into the mix, > > maybe they > > have a policy (maybe using IEAK or WPAD) to configure the > > branch office > > clients to use the published Web proxy listener at the main office? > > > > Thanks! > > Tom > > > > Thomas W Shinder, M.D. > > Site: www.isaserver.org > > Blog: http://spaces.msn.com/members/drisa/ > > Book: http://tinyurl.com/3xqb7 > > MVP -- ISA Firewalls > > **Who is John Galt?** > > > > > > > > > -----Original Message----- > > > From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] > > > Sent: Thursday, November 03, 2005 7:07 PM > > > To: [ISAserver.org Discussion List] > > > Subject: [isalist] Re: Publishing the Web Proxy listener > > > > > > http://www.ISAserver.org > > > > > > That's not publishing; that's an access rule. > > > "Publishing" intimates that the connection comes from an untrusted > > > network (read: external or similar). > > > > > > ------------------------------------------------------- > > > Jim Harrison > > > MCP(NT4, W2K), A+, Network+, PCG > > > http://isaserver.org/Jim_Harrison/ > > > http://isatools.org > > > Read the help / books / articles! > > > ------------------------------------------------------- > > > > > > -----Original Message----- > > > From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx] > > > Sent: Thursday, November 03, 2005 13:53 > > > To: [ISAserver.org Discussion List] > > > Subject: [isalist] Re: Publishing the Web Proxy listener > > > > > > http://www.ISAserver.org > > > > > > Just off the cuff-- corporate may want to force all web > > > traffic from a > > > remote facility to go through a monitored web-proxy by > establishing > > > outbound > > > rules on the SOHO router to only go to the corporate > > > web-proxy without > > > having to establish a VPN. This way, remote traffic could be > > > logged and > > > > > > rules enforced. > > > > > > I just made that up because we could all use more anonymous > > > web-proxies > > > out > > > there. ;) > > > > > > t > > > > > > ----- Original Message ----- > > > From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx> > > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> > > > Sent: Thursday, November 03, 2005 1:36 PM > > > Subject: [isalist] Publishing the Web Proxy listener > > > > > > > > > http://www.ISAserver.org > > > > > > Hey folks, > > > > > > Some people have been asking about publishing the web proxy > > > listener so > > > that external users can access the ISA firewall's Web > proxy filter. > > > > > > Can you think of any reason why people would want to do > this? I was > > > thinking of doing an article on how to do it with ISA 2004, > > > but I'd like > > > to have at least three LEGIT reasons for doing this > > > (providing anonymous > > > web proxy for terrorists is not one of them). > > > > > > Thanks! > > > Tom > > > > > > Thomas W Shinder, M.D. > > > Site: www.isaserver.org <http://www.isaserver.org/> > > > Blog: http://spaces.msn.com/members/drisa/ > > > Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> > > > MVP -- ISA Firewalls > > > **Who is John Galt?** > > > > > > > > > > > > ------------------------------------------------------ > > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > ISA Server Newsletter: > http://www.isaserver.org/pages/newsletter.asp > > > ISA Server FAQ: > http://www.isaserver.org/pages/larticle.asp?type=FAQ > > > ------------------------------------------------------ > > > Visit TechGenix.com for more information about our other sites: > > > http://www.techgenix.com > > > ------------------------------------------------------ > > > You are currently subscribed to this ISAserver.org Discussion > > > List as: > > > thor@xxxxxxxxxxxxxxx > > > To unsubscribe visit > > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > > > > > > > ------------------------------------------------------ > > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > ISA Server Newsletter: > http://www.isaserver.org/pages/newsletter.asp > > > ISA Server FAQ: > http://www.isaserver.org/pages/larticle.asp?type=FAQ > > > ------------------------------------------------------ > > > Visit TechGenix.com for more information about our other sites: > > > http://www.techgenix.com > > > ------------------------------------------------------ > > > You are currently subscribed to this ISAserver.org > > Discussion List as: > > > jim@xxxxxxxxxxxx > > > To unsubscribe visit > > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > All mail to and from this domain is GFI-scanned. > > > > > > > > > ------------------------------------------------------ > > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > ISA Server Newsletter: > http://www.isaserver.org/pages/newsletter.asp > > > ISA Server FAQ: > http://www.isaserver.org/pages/larticle.asp?type=FAQ > > > ------------------------------------------------------ > > > Visit TechGenix.com for more information about our other sites: > > > http://www.techgenix.com > > > ------------------------------------------------------ > > > You are currently subscribed to this ISAserver.org Discussion > > > List as: tshinder@xxxxxxxxxxxxxxxxxx > > > To unsubscribe visit > > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > > > > > ------------------------------------------------------ > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > > ------------------------------------------------------ > > Visit TechGenix.com for more information about our other sites: > > http://www.techgenix.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org > Discussion List as: > > jim@xxxxxxxxxxxx > > To unsubscribe visit > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > All mail to and from this domain is GFI-scanned. > > > > > > ------------------------------------------------------ > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > > ------------------------------------------------------ > > Visit TechGenix.com for more information about our other sites: > > http://www.techgenix.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org Discussion > > List as: tshinder@xxxxxxxxxxxxxxxxxx > > To unsubscribe visit > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > jim@xxxxxxxxxxxx > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > All mail to and from this domain is GFI-scanned. > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion > List as: tshinder@xxxxxxxxxxxxxxxxxx > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > >