Quick (and probably obvious) question
- From: "Rogers, Brian" <RogersB@xxxxxxxxxxxxxx>
- To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
- Date: Tue, 13 Aug 2002 13:16:52 -0400
When looking at the "Sessions" container in ISA management I see quite a few
rather unusual entries on a consistent basis.
Session Type - Web Session
User Name - Anonymous
Client Computer - Blank
Client Address - External Routable IP or 127.0.0.1 (this one bugs me)
Activiation - Current Date/time
My question is this. I would assume that the Client Address section lists
External Routable IP addresses this is tracking an inbound Web session to
one of our published websites/ftp sites through the ISA Server. However
what I don't get is the 127.0.0.1 entry. Noone logs on to the ISA box
itself and browses the web.
It is obvious that A LOT of web traffic is being generated with the source
address being 127.0.0.1 as we use Surfcontrol to monitor proxy traffic. It
shows 10s of thousands of hits to various websites from the client 127.0.0.1
and I cannot figure out why.
Normal proxy and firewall clients show up just fine in the Surfcontrol
reports....I just cannot figure out why all this traffic is listing itself
as coming from the loopback adapter.
Other related posts:
