It would be nice to have Web Publishing Rules that actually revealed the client IP address rather than the ISA Server's internal IP address.
As it stands now, if we have a client that requires web stats we are forced to use the less secure Server Publishing Rule so that the IIS logs reveal the client's IP address.
It sure would be nice if Web Publishing Rules did this so that we could take advantage of URLScan's added security, etc.
Good question. I've interested in that but still have no solution also. It would be great to have an opportunity to have a real IP with Web publishing.
An to others. You just have to make a log analyser for the proxy service logfiles.
I do it in SQL server an the bring the logs out in an asp file.
Works like a charme. But it could be more nice when you use forums on the webserver we need loging of IP's. There for we use serverpub for the forum. An could be nice to change that.
RE: Actual client IP addresses with a Server Publishing... - 27.Nov.2003 1:27:00 AM
Guest
It's really frustrating not having this feature in ISA 2000. How far away is a beta release of ISA 2004. Is anyone using it already - is it more than than ISA 2000?
Microsoft had initially advised that ISA 2004 would ship with Small Business Server 2003, then changed their minds (the ISA upgrade was taking too long I presume).
Paul - WorldDJ.com - global online electronic music magazine
ISA 2k reveals the actual IP address of the client in server publishing rule(not web publishing rule) if you use SNAT for your web server in your trusted network and make the ISA server as your default gateway for the Web server.
All you have to do is make a web server on another box, make the ISA the default gateway of the web server, make server publishng rule in ISA for port 80 or any port your web server is listening on with the external/public ip you want to publish your web and the internal ip of your web server.
I dont know if it will work if your web server in in the DMZ side. Mine works fine since my web server is inside the private network using SNAT.