• Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Rules Problem

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Misc.] >> 3rd Party Add-ons >> Rules Problem Page: [1]
Message << Older Topic   Newer Topic >>
Rules Problem - 3.Jul.2006 7:43:50 PM   


Posts: 2
Joined: 3.Jul.2006
Status: offline

I got a problem with SurfControl for ISA 2004 SP1/Server 2003 Sp2/

If the first activated rule is DISALLOW. ( for example  disallow "sex" anybody anytime )
The second  ist ALLOW. (example allow "Search Engines" anybody anytime )

All my client will receive DENIED ACCESS for Adult sites and for goggle.

In the live monitor i see:   http://www.google.com  search engine blocked

If i move the second Rule on first place. Everybody will be able to access adult sites too.

In the live monitor i see:   http://www.playb....com   sex allowed

I try a few combinations, allways the same result.

Any ideas ? 


< Message edited by maraciab -- 3.Jul.2006 7:46:49 PM >
Post #: 1
RE: Rules Problem - 4.Jul.2006 10:23:59 AM   


Posts: 801
Joined: 5.Apr.2005
From: sydney
Status: offline
Hmmm sounds funny.
Try this out, have a rule to block all and then have a rule allowing what traffic you need.
1 = Block all
2 = Search engine,news etc...

(in reply to maraciab)
Post #: 2
RE: Rules Problem - 4.Jul.2006 11:09:25 AM   


Posts: 2
Joined: 1.Jul.2006
Status: offline
SurfControl uses a top-down processing engine - the most restrictive rule should always be applied at the bottom.

I'd check back through your ruleset again, make sure that you haven't got an exception somewhere above that permits traffic to certain categories from specific groups/accounts.

If not, log a call with SurfControl - at least in the EMEA area they're one of the few tech companies whose support isn't complete garbage.

(in reply to maraciab)
Post #: 3
RE: Rules Problem - 4.Jul.2006 4:18:25 PM   


Posts: 2
Joined: 3.Jul.2006
Status: offline
Thanks for your answers.

To make it clear there are only these two rules activated.
Realtime monitor shows the right category's but filtering fails.

We try a few sets the above included but nothing helps.

It looks like isa is misconfigured for example firewall rule or network sets.
Surcontrol and ms give no hints or examples.

I hope someone else has the same problem solved.


(in reply to maraciab)
Post #: 4

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Misc.] >> 3rd Party Add-ons >> Rules Problem Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts