Re: Publishing the Web Proxy listener
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Thu, 3 Nov 2005 20:46:55 -0600
Hmmm. Never thought of it that way. Good point.
Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
**Who is John Galt?**
> -----Original Message-----
> From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
> Sent: Thursday, November 03, 2005 8:44 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Re: Publishing the Web Proxy listener
>
> http://www.ISAserver.org
>
> Maybe if they spent the nickels, they'd have a pot..?
> =^p
>
> -------------------------------------------------------
> Jim Harrison
> MCP(NT4, W2K), A+, Network+, PCG
> http://isaserver.org/Jim_Harrison/
> http://isatools.org
> Read the help / books / articles!
> -------------------------------------------------------
>
>
> -----Original Message-----
> From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
> Sent: Thursday, November 03, 2005 18:30
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Re: Publishing the Web Proxy listener
>
> http://www.ISAserver.org
>
> Hey Jim,
>
> From what I hear, small biz doesn't have a pot to p*ss in or
> two nickles
> to rub against each other. So maybe it would work :\/P
>
> Thomas W Shinder, M.D.
> Site: www.isaserver.org
> Blog: http://spaces.msn.com/members/drisa/
> Book: http://tinyurl.com/3xqb7
> MVP -- ISA Firewalls
> **Who is John Galt?**
>
>
>
> > -----Original Message-----
> > From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
> > Sent: Thursday, November 03, 2005 8:24 PM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] Re: Publishing the Web Proxy listener
> >
> > http://www.ISAserver.org
> >
> > Ew.
> >
> > ..and if they're that cheap, they also have a dynamic IP.
> > How do we propose to limit access to the WPR if you can't
> > "allow only"?
> > Can we say "publish your wpad and wspad data to the Internet"?
> >
> > -------------------------------------------------------
> > Jim Harrison
> > MCP(NT4, W2K), A+, Network+, PCG
> > http://isaserver.org/Jim_Harrison/
> > http://isatools.org
> > Read the help / books / articles!
> > -------------------------------------------------------
> >
> >
> > -----Original Message-----
> > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
> > Sent: Thursday, November 03, 2005 17:19
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] Re: Publishing the Web Proxy listener
> >
> > http://www.ISAserver.org
> >
> > Hey Jim,
> >
> > How about this scenario:
> >
> > Branch office is connected to the Internet through something like a
> > Sonicsquall NAT device. They don't have a site to site VPN
> > with the main
> > office.
> >
> > The main office uses an edge ISA firewall, or maybe a back-end ISA
> > firewall, and wants to publish the ISA firewall's internal-side (not
> > necessarily part of the default Internet Network) listener to
> > the branch
> > office users. Maybe the SOHO NAT device used at the branch
> offices can
> > do some sort of PBR (I wish the ISA firewall could do that!)
> > to forward
> > all outbound HTTP connections to an IP address that forwards the
> > connections to the IP address publishing the Web listener.
> >
> > Or, instead of bringing the crapware NAT device into the mix,
> > maybe they
> > have a policy (maybe using IEAK or WPAD) to configure the
> > branch office
> > clients to use the published Web proxy listener at the main office?
> >
> > Thanks!
> > Tom
> >
> > Thomas W Shinder, M.D.
> > Site: www.isaserver.org
> > Blog: http://spaces.msn.com/members/drisa/
> > Book: http://tinyurl.com/3xqb7
> > MVP -- ISA Firewalls
> > **Who is John Galt?**
> >
> >
> >
> > > -----Original Message-----
> > > From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
> > > Sent: Thursday, November 03, 2005 7:07 PM
> > > To: [ISAserver.org Discussion List]
> > > Subject: [isalist] Re: Publishing the Web Proxy listener
> > >
> > > http://www.ISAserver.org
> > >
> > > That's not publishing; that's an access rule.
> > > "Publishing" intimates that the connection comes from an untrusted
> > > network (read: external or similar).
> > >
> > > -------------------------------------------------------
> > > Jim Harrison
> > > MCP(NT4, W2K), A+, Network+, PCG
> > > http://isaserver.org/Jim_Harrison/
> > > http://isatools.org
> > > Read the help / books / articles!
> > > -------------------------------------------------------
> > >
> > > -----Original Message-----
> > > From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
> > > Sent: Thursday, November 03, 2005 13:53
> > > To: [ISAserver.org Discussion List]
> > > Subject: [isalist] Re: Publishing the Web Proxy listener
> > >
> > > http://www.ISAserver.org
> > >
> > > Just off the cuff-- corporate may want to force all web
> > > traffic from a
> > > remote facility to go through a monitored web-proxy by
> establishing
> > > outbound
> > > rules on the SOHO router to only go to the corporate
> > > web-proxy without
> > > having to establish a VPN. This way, remote traffic could be
> > > logged and
> > >
> > > rules enforced.
> > >
> > > I just made that up because we could all use more anonymous
> > > web-proxies
> > > out
> > > there. ;)
> > >
> > > t
> > >
> > > ----- Original Message -----
> > > From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
> > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > > Sent: Thursday, November 03, 2005 1:36 PM
> > > Subject: [isalist] Publishing the Web Proxy listener
> > >
> > >
> > > http://www.ISAserver.org
> > >
> > > Hey folks,
> > >
> > > Some people have been asking about publishing the web proxy
> > > listener so
> > > that external users can access the ISA firewall's Web
> proxy filter.
> > >
> > > Can you think of any reason why people would want to do
> this? I was
> > > thinking of doing an article on how to do it with ISA 2004,
> > > but I'd like
> > > to have at least three LEGIT reasons for doing this
> > > (providing anonymous
> > > web proxy for terrorists is not one of them).
> > >
> > > Thanks!
> > > Tom
> > >
> > > Thomas W Shinder, M.D.
> > > Site: www.isaserver.org <http://www.isaserver.org/>
> > > Blog: http://spaces.msn.com/members/drisa/
> > > Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
> > > MVP -- ISA Firewalls
> > > **Who is John Galt?**
> > >
> > >
> > >
> > > ------------------------------------------------------
> > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > ISA Server Newsletter:
> http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server FAQ:
> http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > ------------------------------------------------------
> > > Visit TechGenix.com for more information about our other sites:
> > > http://www.techgenix.com
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org Discussion
> > > List as:
> > > thor@xxxxxxxxxxxxxxx
> > > To unsubscribe visit
> > > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > Report abuse to listadmin@xxxxxxxxxxxxx
> > >
> > >
> > >
> > > ------------------------------------------------------
> > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > ISA Server Newsletter:
> http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server FAQ:
> http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > ------------------------------------------------------
> > > Visit TechGenix.com for more information about our other sites:
> > > http://www.techgenix.com
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org
> > Discussion List as:
> > > jim@xxxxxxxxxxxx
> > > To unsubscribe visit
> > > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > Report abuse to listadmin@xxxxxxxxxxxxx
> > >
> > > All mail to and from this domain is GFI-scanned.
> > >
> > >
> > > ------------------------------------------------------
> > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > ISA Server Newsletter:
> http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server FAQ:
> http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > ------------------------------------------------------
> > > Visit TechGenix.com for more information about our other sites:
> > > http://www.techgenix.com
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org Discussion
> > > List as: tshinder@xxxxxxxxxxxxxxxxxx
> > > To unsubscribe visit
> > > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > Report abuse to listadmin@xxxxxxxxxxxxx
> > >
> > >
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org
> Discussion List as:
> > jim@xxxxxxxxxxxx
> > To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> > All mail to and from this domain is GFI-scanned.
> >
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion
> > List as: tshinder@xxxxxxxxxxxxxxxxxx
> > To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> >
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> jim@xxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> All mail to and from this domain is GFI-scanned.
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion
> List as: tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
Other related posts:
