RE: Web publishing and ISA 2004

• From: "Bryan D. Andrews" <bandrews@xxxxxxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Tue, 10 Aug 2004 14:02:04 -0400

OK, so if an internal box is using ISA server as a gateway, then it's a
SecureNAT Client? 

This is how my extranet servers are published currently -- so now I can
have isa preserve the IP of the external request and my logs will
reflect this on my webserver?

Thanks for all the help.


-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] 
Sent: Sunday, August 08, 2004 1:57 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Web publishing and ISA 2004

http://www.ISAserver.org

Lemme see if I can help:
By definition, SecureNAT clients are able to use ISA as a router (rules
allowing).
This isn't an ISA requirement, it's basic TCP/IP routing.

In order to preserve the C-IP, the published server MUST be able to
respond to off-subnet connections.  This means that the published server
needs a default route that will send its responses back to the
originator.


  Jim Harrison
  MCP(NT4, W2K), A+, Network+, PCG
  http://isaserver.org/Jim_Harrison/
  http://isatools.org
  Read the help / books / articles!


On Sun, 8 Aug 2004 13:31:54 -0400
 "Bryan D. Andrews" <bandrews@xxxxxxxxxxxxxxxxxx> wrote:
http://www.ISAserver.org

Hi,

Are you saying that they HAVE to be SecureNAT clients to preserve the
IP? Or will they still be "Published Websites"? Or... When you select
"preserve the source ip", does that mean it's a secureNAT client? Maybe
I am not clear what is a secureNAT client and what is not with respect
to publishing servers and websites...

We would like to keep them as published websites rather than published
servers, we would just like for ISA to pass thru the ip so we can report
with webtrends or other log analysis apps more accurately.

Thanks for the reply... 

-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
Sent: Friday, July 23, 2004 8:50 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Web publishing and ISA 2004

http://www.ISAserver.org

Hi Bryan,

I don't know if I would call it "proper" since many organizations don't
want to make their published server SecureNAT clients. But, the ISA 2004
firewall does allow you the option to preserve the source IP address in
Web Publishing rules.

HTH,

Tom
www.isaserver.org/shinder
Get the book!
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls



-----Original Message-----
From: Bryan D. Andrews [mailto:bandrews@xxxxxxxxxxxxxxxxxx]
Sent: Friday, July 23, 2004 7:30 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Web publishing and ISA 2004


http://www.ISAserver.org

Does ISA pass the client ip properly now to web servers that are
published -- as opposed to every request looking like it came from
ISAServer?

Thanks!


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
bandrews@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
bandrews@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist

Other related posts:

• » Web publishing and ISA 2004
• » RE: Web publishing and ISA 2004
• » RE: Web publishing and ISA 2004
• » RE: Web publishing and ISA 2004
• » RE: Web publishing and ISA 2004
• » RE: Web publishing and ISA 2004
• » RE: Web publishing and ISA 2004

1. Home
2. isalist
3. Archive
4. 08-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---