MessageThanks Tom, It has options to balance a firewall. I will dive in, this is a pretty cool project. Shane ----- Original Message ----- From: Thomas W Shinder To: [ISAserver.org Discussion List] Sent: Thursday, July 24, 2003 11:31 AM Subject: [isalist] RE: isa load balancing and logging user name http://www.ISAserver.org Hi Shane, That's quite cool! However, you will need to use Firewall and/or Web Proxy clients to get user info into the logs. FWIU, the hardware switch is transparent to the clients and the ISA Server, so that could create some significant issues if the switch doesn't balancing connections in a "firewall friendly" manner. HTH, Tom Thomas W Shinder www.isaserver.org/shinder ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp -----Original Message----- From: shane mullins [mailto:tsmullins@xxxxxxxxxxxxxx] Sent: Thursday, July 24, 2003 10:20 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: isa load balancing and logging user name http://www.ISAserver.org Thanks Tom, We have a Cisco 4840G Server Load Balancing switch I was hoping to use. I have tried the NLB and had problems with it, most likely my setup. I was hoping if I disabled anonymous logins and used a secure nat client I could capture user info somehow. I will mess with it this afternoon and let everyone know how it turns out. The 4840G SLB switches are pretty cool. We rcvd two in a grant. Shane ----- Original Message ----- From: Thomas W Shinder To: [ISAserver.org Discussion List] Sent: Thursday, July 24, 2003 10:54 AM Subject: [isalist] RE: isa load balaning and logging user name http://www.ISAserver.org Hi Shane, You can configure the Web Proxy and Firewall clients to use NLB too. However, if you do configure the Web Proxy clients to use NLB, do not use CARP, as you will not realize any benefit and there are potential complications. I've read that only SecureNAT clients are supported in an outbound NLB environment, but I'm not sure why. I've used it with Firewall clients and haven't noticed anything outrageously bad happening :-) I would highly recommend that you use Windows Server 2003 for your ISA Server firewalls if you want to use NLB, though. If you use Win2k, then use RainWall to provide NLB services. HTH, Tom Thomas W Shinder www.isaserver.org/shinder ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp -----Original Message----- From: shane mullins [mailto:tsmullins@xxxxxxxxxxxxxx] Sent: Thursday, July 24, 2003 9:56 AM To: [ISAserver.org Discussion List] Subject: [isalist] isa load balaning and logging user name http://www.ISAserver.org If one wants to use load balancing (either nlb or hardware) the isa clients must be secure nat clients. Is it possible to still log user info? I am reading Mr Shinder's article on Web Proxy Logs and Reports right now. But, my boss wants me to be sure. I have told him I don't think it is possible. Thanks Shane ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tsmullins@xxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')