Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Web Proxy 502 (12202) Error
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Web Proxy 502 (12202) Error - 14.Feb.2006 5:53:03 PM
|
|
|
nitzanbar
Posts: 6
Joined: 6.Dec.2005
Status: offline
|
Hello everybody,
I have an ISA 2004 server and I would like that my internal clients can only access the web (http on port 80) through the isa's proxy. What I did is this:
1. Create an access rule from local host to external to allow all outbound traffic
2. Create an access rule from the internal network to local host to allow all outbound traffic
3. Create an access rule from the local host to the internal network to allow all outbound traffic
4. Create an access rule from the internal network to external to allow all outbound traffic except http (to force the internal network to use the proxy)
When the clients (with the proxy configured in IE) try to access web sites I get the 502 Proxy Error.
Did anyone come across this problem?
Thanks,
Nitzan
|
|
|
|
|
RE: Web Proxy 502 (12202) Error - 14.Feb.2006 6:29:46 PM
|
|
|
elmajdal
Posts: 5074
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
|
WHat !!!!
u blocked HTTP !!!
i dont think then your users will be able to surf the net.
your users will use your ISA as proxy server , just put the proxy in the internet connection of their browsers options.
|
|
|
|
|
RE: Web Proxy 502 (12202) Error - 14.Feb.2006 7:29:19 PM
|
|
|
ClintD
Posts: 1833
Joined: 26.Jan.2001
From: Keller, TX
Status: offline
|
Interesting - you logically have the correct rule set, but ISA views the request in the context of who originally sent the request. In this case, a client on the Internal network sent the request to an External location and that is how the rule set must be configured.
|
|
|
|
|
RE: Web Proxy 502 (12202) Error - 14.Feb.2006 7:53:19 PM
|
|
|
LLigetfa
Posts: 2184
Joined: 10.Aug.2004
From: fort frances.on.ca
Status: offline
|
I think what Clint is trying to say (and he can correct me if I'm wrong) is that even though the ISA server *proxies* the request and it may appear to the website that the request comes from ISA (localhost), the rules processor knows better and is looking at the originator to be on the internal network and not localhost.
_____________________________
The School of Hard Knocks is a mean teacher. She gives the exam before the lesson.
|
|
|
|
|
RE: Web Proxy 502 (12202) Error - 14.Feb.2006 8:41:09 PM
|
|
|
nitzanbar
Posts: 6
Joined: 6.Dec.2005
Status: offline
|
Hi!
Thanks for the replies. I think I understand but is there any way I can overcome this? I want my clients to access the web only via the proxy?
Thanks again,
Nitzan
|
|
|
|
|
RE: Web Proxy 502 (12202) Error - 14.Feb.2006 8:46:07 PM
|
|
|
ClintD
Posts: 1833
Joined: 26.Jan.2001
From: Keller, TX
Status: offline
|
You'll need to clarify your topology for us to give you a better answer.
If ISA is the last hop prior to the web, then yes, you can configure this so that only ISA allows HTTP requests.
If ISA isn't the last hop prior to the web, then no, you cannot control this through ISA, but you can confgure the Router/Firewall to only allow HTTP from the ISA IP address.
|
|
|
|
|
RE: Web Proxy 502 (12202) Error - 14.Feb.2006 8:52:48 PM
|
|
|
nitzanbar
Posts: 6
Joined: 6.Dec.2005
Status: offline
|
Yes the ISA is the last hop to the web, in front of it there is a router but all ports are open.
I also saw an article from microsoft: KB891241 . I did almost exactly as it said (I excluded http instead of denying http).
Thanks,
Nitzan
|
|
|
|
|
RE: Web Proxy 502 (12202) Error - 14.Feb.2006 9:08:22 PM
|
|
|
LLigetfa
Posts: 2184
Joined: 10.Aug.2004
From: fort frances.on.ca
Status: offline
|
quote:
I want my clients to access the web only via the proxy
If you disallow S-NAT by not having anonymous rules and you do not enable the FWC listener, that would leave only WP for the users, thus your objective would be reached.
_____________________________
The School of Hard Knocks is a mean teacher. She gives the exam before the lesson.
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
