Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
SurfControl WebFilter problem
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
SurfControl WebFilter problem - 1.Jul.2006 11:56:48 PM
|
|
|
zebulebu
Posts: 2
Joined: 1.Jul.2006
Status: offline
|
Hi
I'm having a hell of a time figuring out a problem with my network. I
recently got a Celestix box in (it runs ISA server underneath
SurfControl for web filtering). Some of the time it works perfectly,
but quite often, seemingly with no rhyme or reason, it appears to have
a problem authenticating users from my other domain. I'll explain the
set up below, hopefully someone else will have come across a similar
problem before.
We have two domains - a new AD one, and an old NT PDC/BDC one (which we
are currently in the process of migrating from). As we have a number of
critical apps which either haven't been tested or require work to port
across to Active Directory, we're not in a position to use the AD
domain fully yet. This means that the vast majority of users still log
on to the NT domain.
When I installed the box, I placed it in the AD domain, along with the
database server which acts as a back-end for the SurfControl software.
The server acts as the web proxy for all clients - IP address and port
published via a policy pushed out to the clients. It then chains
requests up to a Trend ISVW box, which filters again looking for web AV
threats, before sending the request out the firewall.
Early in the UAT phase of implementation, I discovered that, at
seemingly random intervals, the server cannot authenticate users from
the AD domain. Whenever a user attempts to go to a web page, a dialog
box asking for a username & password is generated. Despite the user
entering their name, nothing happens and, after entering their
credentials three times an error page is generated by ISA stating that
they could not be authenticated.
It seems to me as if ISA is only having a problem authenticating users
from the NT domain, because this never happens when testing from
accounts in the AD domain.
What's especially annoying is that this seems to happen entirely at
random - its not at certains times of the day, not when the server is
exceptionally busy and not from certain user accounts.
Has anybody come across a similar situation before who can perhaps
point me in the right direction?
Humble thanks in advance!
PS: Apologies if anyone reads the same message on the MS ISA group 
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
