[isalist] Re: Transparent Proxy
- From: "Ara Avvali" <Ara.Avvali@xxxxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Tue, 30 May 2006 13:06:32 -0700
Hi Tom,
I was just wondering if it is "mandatory" to make changes in IE or
installing firewall client for clients to use http cache as opposed to
UNIX based caching solutions.
Thanks
________________________________
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Thomas W Shinder
Sent: Tuesday, May 30, 2006 12:09 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Transparent Proxy
Hi Ara,
What are you actually trying to accomplish?
Thanks!
Tom
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
________________________________
From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Ara Avvali
Sent: Tuesday, May 30, 2006 12:35 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Transparent Proxy
Ok Tom,
So if I create a tcp:80 protocol and not bind it to web proxy
filter and create an allow rule from internal to external using that
protocol, this means I don't have to change any settings in IE nor
installing firewall client, right? And it also means it automatically
goes to cache for higher speed.
Thanks
________________________________
From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas W Shinder
Sent: Tuesday, May 30, 2006 10:24 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Transparent Proxy
The Web proxy filter hooks into the Firewall service and the
SecureNAT client requests are transparently forwarded through the
Firewall Service to the Web proxy filter.
The SurfControl issue was a programming snafu on the
SurfControl's part, not an ISA firewall problem, per se.
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
________________________________
From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Ara Avvali
Sent: Tuesday, May 30, 2006 12:13 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Transparent Proxy
Hi
Let me get it straight. If I use a client which is using
internal side of ISA as default gateway, there is no need to make any
changes in web browser or installing firewall client? This doesn't make
any sense cause as far as I remember, there was a long discussion here
regarding surf control not being able to see none proxy requests so the
solution was to create a separate http:80 and not to bind it to web
proxy filter.
If transparent proxy was working, we never had to be
worried about none proxy requests.
Thanks
________________________________
From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Greg Mulholland
Sent: Monday, May 29, 2006 10:35 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Transparent Proxy
Yes it can
Securenat clients outbound internet traffic will be
intercepted by the web proxy service..
Greg Mulholland
________________________________
From: isalist-bounce@xxxxxxxxxxxxx on behalf of Ara
Avvali
Sent: Tue 30/05/2006 2:33 PM
To: isalist@xxxxxxxxxxxxx
Subject: Transparent Proxy
Hi Everyone,
As far I know and understand, doing so is not possible
with ISA server, right? You can't force/deploy ISA server without
touching clients otherwise they can't browse the net. According to this
article http://en.wikipedia.org/wiki/Proxy_server in transparent mode,
all nat requests are routed to proxy which opposed in ISA you have to
setup IE or deploy firewall client.
Any clarification is much appreciated.
Other related posts:
