domenica 6 maggio 2012 02:26
I'm trying to setup ISA 2006 for the first time.
At this point, all we want to do is have all traffic going from the LAN to the Internet be forced to go through the web proxy, authenticated to a user and sites logged.
We do not want to block access to any domain users, just record who is going where at what time into logs that can be saved and put into reports.
I have got an ISA 2006 Enterprise server up and running on a Server 2003 R2 server joined to the domain and have pointed the gateway address in TCP/IP setting on one client computer to this ISA server.
I can only get the internet access to work with firewall policy "Unrestricted Internet Access" set with the users in the Users tab set to "All Users." If I try changing to "All Authenticated Users," there is no internet access to the computer and it doesn't prompt for credentials.
If I leave it set for "All Users," then the monitoring only shows username "anonymous" and this defeats the purpose. We need to see domain user names associated with the connections.
What settings are needed to get it to work so it prompts for credentials, logs traffic, but doesn't block traffic to authenticated users?
Tutte le risposte
domenica 6 maggio 2012 07:13
if you want to control access to the Internet for specific user/groups to monitor the usage, the clients must be Webproxy clients for HTTP/HTTPS traffic or ISA Server Firewall clients for other TCP/UDP traffic:
regards Marc Grote aka Jens Baier - www.it-training-grote.de - www.forefront-tmg.de - www.nt-faq.de
- Contrassegnato come risposta MyGposts domenica 6 maggio 2012 15:35
lunedì 7 maggio 2012 05:04
I marked that as an answer since I found some helpful info, but I really can't find everything I'm looking for there.
I can't find a walkthrough or step by step setup of a ISA 2006 web proxy with examples shown to use as a template for your own configuration.
What needs to be done so the internet access only works if the computers go through the ISA 2006 proxy?
I can configure IE ISA server proxy settings manually or through a group policy, but I don't know what needs to be done so access to the internet is blocked if the proxy is bypassed?