Selective Logging on ISA 2000

  • From: Michael Saul <michael.saul@xxxxxxxxx>
  • To: isalist@xxxxxxxxxxxxx
  • Date: Mon, 28 Nov 2005 10:45:24 -0800

Hi all,

Long time reader, first time poster.  I have a question about creating
a selective log file with ISA 2000 Enterprise.

We are currently using a two server array as a perimeter firewall.  We
are publishing several websites using the standard publishing, with
NLB on the outside.

One of the web sites that we are publishing is a standard .NET web
service.  We are using bridged SSL along with specific address sets to
filter access.

All of this has been working very well for us for several months.  As
a matter of fact, we get several thousand transactions through the web
services all day long.

Here's the issue part:  we have one vendor who recently installed a
firewall (it's unknown what kind) and is no longer able to to access
our web services.  Several dozen other companies are all still
functioning just fine.

I have been asked to troubleshoot this on our end (yes I know-they
changed something and it stopped working-seems to me the issue is on
their side).  I know that the issue is at the ISA server because I'm
not seeing anything on the web server logs.

Is there a way to see a log of all connections to a specific published
site?  I know that I can use the web logs to see all of our successful
connections to the published site, but it is not logging the rest of
the connections.  I'm hesitant to turn on full logging because there
would be mountains of data to get through and the performance hit
might be a bit much.

Does anyone have any suggestions about how I could get more
information about what is failing, or how I could turn on logging for
a specific published site?

Thank you in advance!

Michael Saul


Other related posts: