• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

ISA bypassed by everything but local host

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> General >> ISA bypassed by everything but local host Page: [1]
Login
Message << Older Topic   Newer Topic >>
ISA bypassed by everything but local host - 11.May2009 3:37:33 PM   
evanthes

 

Posts: 10
Joined: 11.May2009
Status: offline
It seems that servers that are on my network are bypassing my newly installed ISA server and going straight to the host. However from my ISA server I can see in the logs that it authenticates and is allowed by my server.

I have made policies that are very general, such as allow all HTTP users from the internal network to anywhere, thjis is setup for all users. Although I still dont see anything in the logs besides the traffic from the local host and various Net Bios stuff.

If anyone has any suggestions as what I should look at to try and have the ISA server mediate traffic from other servers, that would be awesome. Let me know if you need me to supply more information as well.
Post #: 1
RE: ISA bypassed by everything but local host - 11.May2009 4:02:36 PM   
evanthes

 

Posts: 10
Joined: 11.May2009
Status: offline
by the way, I'm running on a single NIC, could that be part of this problem?

Thanks

(in reply to evanthes)
Post #: 2
RE: ISA bypassed by everything but local host - 11.May2009 5:11:37 PM   
paulo.oliveira

 

Posts: 3472
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
Hi,

quote:

It seems that servers that are on my network are bypassing my newly installed ISA server and going straight to the host


Where are these hosts? Internal network?

Regards,
Paulo Oliveira.

(in reply to evanthes)
Post #: 3
RE: ISA bypassed by everything but local host - 12.May2009 5:18:46 AM   
Dumber

 

Posts: 278
Joined: 21.Mar.2008
Status: offline
Are the clients configured to use the ISA server as their proxy server?

_____________________________

Marcel
Netherlands

MCTS, MCITP (SA,EA) MCP, MCSA:Security, MCSE:Security, CCNA, CCSA, CCSE, CCSE+
No matter how secure, there is always the human factor.
http://www.phetios.com/

(in reply to paulo.oliveira)
Post #: 4
RE: ISA bypassed by everything but local host - 12.May2009 8:42:37 AM   
evanthes

 

Posts: 10
Joined: 11.May2009
Status: offline
quote:

ORIGINAL: paulo.oliveira

Where are these hosts? Internal network?



Yes they are internal, our sharepoint server is really all I'm trying to set this up for (which ahs an internal ip)

Thanks, Evan

(in reply to paulo.oliveira)
Post #: 5
RE: ISA bypassed by everything but local host - 12.May2009 8:48:43 AM   
evanthes

 

Posts: 10
Joined: 11.May2009
Status: offline
quote:

ORIGINAL: Dumber

Are the clients configured to use the ISA server as their proxy server?



Is making a firewall policy the same thing? I made an access rule that applies to our sharepoint site, so shouldnt the ISA manage all the traffic going to that site from now on? Our Sharepoint site is goiing to have thousands of users, so configuring the proxy for each user would not be ideal. Is this the correct way of thinking?

thanks for your help so far guys.

(in reply to Dumber)
Post #: 6
RE: ISA bypassed by everything but local host - 12.May2009 8:51:06 AM   
paulo.oliveira

 

Posts: 3472
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
Hi Evan,

you have two options:

1- Configure WPAD and create an exception list on ISA console;
2- Configure the exception list in the browser configuration.

Regards,
Paulo Oliveira.

(in reply to evanthes)
Post #: 7
RE: ISA bypassed by everything but local host - 12.May2009 9:52:39 AM   
evanthes

 

Posts: 10
Joined: 11.May2009
Status: offline
I'm not sure if I am doing a good job of explaining my issue. I tried to put in a layout of what I'm looking to happen.



Right now the only traffic that goes to Sharepoint VIA the ISA is when I try to access the Sharepoint from the ISA server itself. We would like to have clients within our network and on different subnets be able to access Sharepoint via the ISA so they wont ahve to enter their password multiple times, but right now it only works from the server itself

We really arent looking for the ISA to do anything else but this. Do you think we need two network cards enabled? Or is the proxy necessary? Thanks for your help

(in reply to paulo.oliveira)
Post #: 8
RE: ISA bypassed by everything but local host - 12.May2009 12:58:59 PM   
paulo.oliveira

 

Posts: 3472
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
Hi,

ok, got it. How is configured your sharepoint publishing rule? What networks do you have on ISA Internal Network definition?

Regards,
Paulo Oliveira.

(in reply to evanthes)
Post #: 9
RE: ISA bypassed by everything but local host - 12.May2009 1:08:54 PM   
evanthes

 

Posts: 10
Joined: 11.May2009
Status: offline
quote:

ORIGINAL: paulo.oliveira

Hi,

ok, got it. How is configured your sharepoint publishing rule? What networks do you have on ISA Internal Network definition?

Regards,
Paulo Oliveira.



My internal network has it was picked up by adding my adapter:

0.0.0.1 - 126.255.255.255
128.0.0.0 - 223.255.255.255

My publishing rule Allows HTTP From internal network to the sharepoint server, I set all users. I test the rule and it completes successfully. Let me know if you need more info, thanks!

(in reply to paulo.oliveira)
Post #: 10
RE: ISA bypassed by everything but local host - 12.May2009 1:31:51 PM   
paulo.oliveira

 

Posts: 3472
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
Hi,

your users browsers are configured to bypass your internal network? Can you provide details of your publishing rule? Are you using WPAD?

Regards,
Paulo Oliveira.

(in reply to evanthes)
Post #: 11
RE: ISA bypassed by everything but local host - 12.May2009 1:46:33 PM   
evanthes

 

Posts: 10
Joined: 11.May2009
Status: offline
I havent configured anything on my web browsers. Do I need to? I thought the ISA would grab traffic to the published site?


I listed information about the publishing rule in my last post, is there a better way for me to do that, or is there more information you need?

Thanks,

Evan

(in reply to paulo.oliveira)
Post #: 12
RE: ISA bypassed by everything but local host - 12.May2009 2:25:57 PM   
evanthes

 

Posts: 10
Joined: 11.May2009
Status: offline
I've enabled WPAD, but it seems that most of the network now travels through the ISA server. Shouldnt only the traffic that goes to my published site go through my ISA server?

Thanks

(in reply to evanthes)
Post #: 13
RE: ISA bypassed by everything but local host - 12.May2009 4:25:37 PM   
paulo.oliveira

 

Posts: 3472
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
Hi,

when ISA is configured in single-NIC mode it handles only http, https and ftp protocols.

All the traffic using these protocols will pass through ISA. Because ISA is been used as your proxy server. It isnīt that what you want in the first place?

Regards,
Paulo Oliveira.

(in reply to evanthes)
Post #: 14

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> General >> ISA bypassed by everything but local host Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts