All N2H2 does Is put a web filter in, it doesn't effect the content or protocol rules. The only rule that has "all users" is a web publishing rule, and I don't know of any other way to allow access to anonymous users that to do that. Sorry it was Thomas's paper "http://www.isaserver.org/tutorials/disableanonoutbound.html"; -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: Monday, September 26, 2005 1:00 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: School ISA Problems http://www.ISAserver.org The one on your front lawn? Thomas W Shinder, M.D. Site: www.isaserver.org Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls > -----Original Message----- > From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] > Sent: Monday, September 26, 2005 12:44 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: School ISA Problems > > http://www.ISAserver.org > > What paper? > > If any rule uses "all users", it has priority over > authenticated rules. > What requirements does the N2H2 place on your user access? > > ------------------------------------------------------- > Jim Harrison > MCP(NT4, W2K), A+, Network+, PCG > http://isaserver.org/Jim_Harrison/ > http://isatools.org > Read the help / books / articles! > ------------------------------------------------------- > > > -----Original Message----- > From: Chris Rollison [mailto:crollison@xxxxxxxxxxxxxxxxxxx] > Sent: Monday, September 26, 2005 10:41 > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: School ISA Problems > > http://www.ISAserver.org > > I use Bess/N2H2 filtering for our school. I tried using your > paper as a > guide, but couldn't get it to work w/o checking the "ask unauth" the > only rules that have everyone listed in access is a > publishing rule. All > site/content and protocol rules have either user/group lists or client > access list. If I uncheck all I get in the monitor is anonymous's. > > -----Original Message----- > From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] > Sent: Monday, September 26, 2005 12:12 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: School ISA Problems > > http://www.ISAserver.org > > Are you using any third-party filters? > Using "ask unauth.." is not required unless you have a S&C or protocol > rule allowing anonymous connections. > > ------------------------------------------------------- > Jim Harrison > MCP(NT4, W2K), A+, Network+, PCG > http://isaserver.org/Jim_Harrison/ > http://isatools.org > Read the help / books / articles! > ------------------------------------------------------- > > -----Original Message----- > From: Chris Rollison [mailto:crollison@xxxxxxxxxxxxxxxxxxx] > Sent: Monday, September 26, 2005 10:00 > To: [ISAserver.org Discussion List] > Subject: [isalist] School ISA Problems > > http://www.ISAserver.org > > I just recently started having all of the students in my k-12 > school log > into the network with their own usernames/passwords. In > order to start > filtering and logging per user activity I had to turn on the "ask > unauthenticated users" (don't have any site or protocol rules for > "everyone" and still won't log individuals). Anyway, the meat of the > problems are that people will get firewall login's popping up > on odd web > pages. Things that are still only going through port 80 are > asking for > firewall authentication even though I am using firewall > client. Anyone > have any ideas. I thought I was pretty proficient in ISA > 2000, but this > is killing me. Thanks. > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > jim@xxxxxxxxxxxx > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > All mail to and from this domain is GFI-scanned. > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > crollison@xxxxxxxxxxxxxxxxxxx > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > jim@xxxxxxxxxxxx > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > All mail to and from this domain is GFI-scanned. > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion > List as: tshinder@xxxxxxxxxxxxxxxxxx > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: crollison@xxxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx