I've a problem when using an upstream proxy server. I've created a web chaining rule so that all traffic is routed to our upstream proxy server (Astaro ASL V6). For web proxy clients this works fine, however, for secureNAT clients it doesn't. For some reason, the HTTP Host headers aren't sent. Thus websites are reporting that we aren't allowed to acces that site (and it reports the ip-address). Or we see the page of the provider hosting the site and not the site itself.
How could a SecureNAT client send a host header? They resolve the names themselves and send the request to the destination IP address. Doesn't the simple Astaro device so reverse lookups?
sure it can. But how about multiple web sites on a single IP address ? It looks like it's doing exactly that, on some sites I end up on the website of the hosting provider instead of the website itself.
but how do you explain then why it's working fine as soon as I disbale wheb chaning but when I enable it is goes wrong. Am I missing some configuration I have to do. When doing a network trace when webchaining is enabled, you can see that ISA inserts the IP address of the destionation in the GET request. It doesn't do this when webchaning is not configured.
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Printable Version
All Forums >> [ISA 2006 Firewall] >> General >> Problem with upstream Proxy server 
Problem with upstream Proxy server - 
New Messages
No New Messages
Hot Topic w/ New Messages
Hot Topic w/o New Messages
Locked w/ New Messages
Locked w/o New Messages
Post New Thread