Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Client for ISA Server
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Client for ISA Server - 13.Feb.2006 8:47:31 PM
|
|
|
bhavin78
Posts: 429
Joined: 18.Jul.2005
From: USA
Status: offline
|
What happens when all three clients are configured on a PC? [secnat/webproxy/firewall] which one gets the higest priority?
what happens when you install FWC andconfigure enable [web browsing automatic configuration] which one is it going to use webproxy or FWC? I am really confued with this and whats the reason for this option once FWC is there?
some time In my logs I see users entry as anonymous user + secnat + webproxy...why and what's the reason?
|
|
|
|
|
RE: Client for ISA Server - 14.Feb.2006 2:19:20 PM
|
|
|
bhavin78
Posts: 429
Joined: 18.Jul.2005
From: USA
Status: offline
|
I have gone through the article and I understood what it means to say.
SecNAT client works on NetworkLayer, WEBPROXY works on Application layer and Firewall client works on Transport layer.
But I still have question
1)what happen when Firewall client is configured on user pc and when firewall is configured, there is also an configuration to enable browser setting so webproxy is there along with firewall client. what will happen in this case, which one has the priority and what will logs display for it session type?
Same question but different scenario?
2)secNat Client with webbproxy
3)SecNaT and firewall client
4) firewall client/secNat/webproxy
Please try to make this clear for me
|
|
|
|
|
RE: Client for ISA Server - 14.Feb.2006 2:40:46 PM
|
|
|
LLigetfa
Posts: 2184
Joined: 10.Aug.2004
From: fort frances.on.ca
Status: offline
|
It would be nice to have a clear understanding of how precedence works in the case all three client types can service the request. I understand that for HTTP, WP should take precedence over FWC but sometimes I find that not to be the case, having to disable FWC to force WP to do the work.
_____________________________
The School of Hard Knocks is a mean teacher. She gives the exam before the lesson.
|
|
|
|
|
RE: Client for ISA Server - 14.Feb.2006 2:53:52 PM
|
|
|
bhavin78
Posts: 429
Joined: 18.Jul.2005
From: USA
Status: offline
|
if this is the case that HTTP and WP will take the precedence than what will happen when you try to connect to yahoo messenger when all three ISA server client are configured?
with webproxy Yahoo messenger does not work so will Firewall client next in the precedence handle this when it was rejected by WP?
please also try to answer my question in previous post?
|
|
|
|
|
RE: Client for ISA Server - 14.Feb.2006 10:02:11 PM
|
|
|
bhavin78
Posts: 429
Joined: 18.Jul.2005
From: USA
Status: offline
|
The way a particular request is sent completely depends on the application and the configuration settings on the host.
Here's an example?
My PC is configured with all three ISA client
Now I connect to http://www.microsoft.com which client is it going to use?
I connect to FTP://ftp.microsoft.com which client is it going to use?
Yahoo messenger which client is it going to use?
|
|
|
|
|
RE: Client for ISA Server - 14.Feb.2006 10:23:13 PM
|
|
|
bhavin78
Posts: 429
Joined: 18.Jul.2005
From: USA
Status: offline
|
1)what happen when Firewall client is configured on user pc and when firewall is configured, there is also an configuration to enable browser setting so webproxy is there along with firewall client. what will happen in this case, which one has the priority and what will logs display for it session type?
so in this case when you install firewall client webproxy is also configures so what happens in this case?
the reason I am asking you this is becasue in my log there are entry for both webproxy and firewall client as session.
and webproxy client are not able to connect to ftp site I dont know why, I tried everything. even in access rule ftp is allowed and enable folder view is checked in IE options settings. so I configured the user with both secNat and webproxy
Hope you will help to resolve all this issue?
|
|
|
|
|
RE: Client for ISA Server - 15.Feb.2006 3:00:25 PM
|
|
|
bhavin78
Posts: 429
Joined: 18.Jul.2005
From: USA
Status: offline
|
VERY good article.
But, it will take some time for me to figure out what should settings should I configure for webproxy client and SecNat client so that they can access FTP sites. Can you please help me on that?
As far as I have understood and tested there is nothing wrong when connecting to ftp sites when FW client is installed
with web proxy this are my configuration and still doesnot work
- Enable folder view for FTP sites.
- Use Passive FTP (for firewall and DSL modem compatibility).
please help me on this, I have being posting many request since last 4-5 months.
|
|
|
|
|
RE: Client for ISA Server - 15.Feb.2006 3:24:02 PM
|
|
|
bhavin78
Posts: 429
Joined: 18.Jul.2005
From: USA
Status: offline
|
I tried with the below configuration
User configured to use webproxy client
enable folder view for FTP site NOT checked
use passive FTP mode Checked
ftp://ftp.microsoft.com works fine
but when I try ftp://63.87.72.12 I get an error
Technical Information (for support personnel)
Error Code: 502 Proxy Error. The login request was denied. The logon account might have been disabled or logon information might have changed. Log on again to verify that the information was typed correctly. If the problem continues, report the problem to the administrator of the Internet server you are requesting. (12015)
IP Address: 63.87.72.12
Date: 2/15/2006 2:13:36 PM
Source: proxy
|
|
|
|
|
RE: Client for ISA Server - 16.Feb.2006 6:45:36 PM
|
|
|
bhavin78
Posts: 429
Joined: 18.Jul.2005
From: USA
Status: offline
|
spouseele,
can you please reply to my last post and all other missing question. IT would be nice to know from expert like you.
|
|
|
|
|
RE: Client for ISA Server - 16.Feb.2006 10:25:55 PM
|
|
|
spouseele
Posts: 12782
Joined: 1.Jun.2001
From: Belgium
Status: offline
|
Hi bhavin78,
I thought this topic was all about the different ISA client types and now you are changing the subject! 
First, why do you use IE as FTP client? It's not designed as a full blown FTP client! Moreover, if you use tunneled FTP, also called FTP over HTTP, than only FTP download is possible. So, if you have FTP problems, please test first with the standard Microsoft command line FTP client. 
If you would have done that, you would have seen that 'ftp.microsoft.com' accepts anonymous connections but '63.87.72.12' does not. Now, if you have to specify a username and password in IE for FTP, use the syntax 'ftp://username:password@FQDN'.
HTH,
Stefaan
< Message edited by spouseele -- 16.Feb.2006 10:27:40 PM >
|
|
|
|
|
RE: Client for ISA Server - 17.Feb.2006 2:32:51 PM
|
|
|
bhavin78
Posts: 429
Joined: 18.Jul.2005
From: USA
Status: offline
|
I dont want to use IE as FTP client but ws_FTP does not work for webproxy client and I dont want to install Firewall client on all PC. If I am doing something wrong just guide to right direction with right solution.
thanks
|
|
|
|
|
RE: Client for ISA Server - 18.Feb.2006 12:05:56 AM
|
|
|
Jason Jones
Posts: 2119
Joined: 30.Jul.2002
From: United Kingdom
Status: offline
|
If you dont wan to use web proxy or firewall clients, you will have to make the client a securenat client e.g. it's default gateway or a LAN routers default gateway will need to point to ISA's internal interface (assuming you have a two NIC ISA)
JJ
_____________________________
Jason Jones (MVP)
Silversands Limited http://www.silversands.co.uk
My Blog: http://blog.msfirewall.org.uk/
Get our NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
