Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Firewall Client with proxy server and bypass list

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> Firewall Client >> Firewall Client with proxy server and bypass list Page: [1]
Login
Message << Older Topic   Newer Topic >>
Firewall Client with proxy server and bypass list - 5.Oct.2007 2:30:37 PM   
abqtech

 

Posts: 216
Joined: 9.Mar.2004
Status: offline 		I'm in the midst of planning our MS Firewall Client deployment, and am trying to account for the following:
We currently have a GPO that includes several internal domains and IP address space for the "bypass proxy server for local addresses" setting within our Internet Explorer browsers.  However I cannot find out how to specify an equivalent bypass list (of domains and IP address space) to the browser when the Firewall Client is enabled on the workstation.  Therefore the workstation essentially get's a blank "bypass list".  Which is causing certain webproxy client traffic (such as Java clients and multimedia plug-ins and internal HTTP processes that utilize Internet Explorer's Proxy Server setting) to arrive at ISA.   But I want to avoid these webproxy connections from arriving at ISA, so that I don't have to create an allow rule for them, as well as removing an extra hop (extra point of failure), because these are all internal communications.


Side note: Our primary browser configuration is set to use the automatic configuration script and therefore we're running webproxy clients for all our internal browsers.

Anyone else run into this?  What did you do?

Thanks!

< Message edited by abqtech -- 5.Oct.2007 2:33:11 PM >
Post #: 1
RE: Firewall Client with proxy server and bypass list - 5.Oct.2007 3:21:55 PM   
elmajdal

 

Posts: 5074
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline 		Hi,

If you have ISA Server 2004 SP2 and above, then check this : http://support.microsoft.com/kb/920715

_____________________________

Tarek Majdalani

MS Forefront Edge Security MVP
Website : http://www.elmajdal.net/ISAServer
New Section : http://www.elmajdal.net/Win2k8

(in reply to abqtech)
Post #: 2
RE: Firewall Client with proxy server and bypass list - 5.Oct.2007 5:19:27 PM   
abqtech

 

Posts: 216
Joined: 9.Mar.2004
Status: offline 		Thanks for the reply, however....
I have 2004 with sp2, and the webproxy clients that use the routing script work properly, what does not work are the webproxy clients that cannot utilize a routing script, and therefore use the proxy server.  And since the ISA Server is not furnishing a "bypass list" to the browsers proxy server / bypass proxy server for local addresses, I'm running into this problem.  I think it may be a feature that is not configurable via the ISA MMC, perhaps a "work around" is availble to fix this issue, or maybe is a glaring oversight by microsoft.

Any ideas?

(in reply to elmajdal)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> Firewall Client >> Firewall Client with proxy server and bypass list Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts