Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Why is it denied?

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> HTTP Filtering >> Why is it denied? Page: [1]
Login
Message << Older Topic   Newer Topic >>
Why is it denied? - 28.Jun.2005 6:43:00 PM   
jiambor

 

Posts: 13
Joined: 28.Jun.2005
From: Maryland, US
Status: offline 		I am learning and testing ISA 2004. We are setting it up for our Exchange system. I am also playing with it as a caching/proxy server. We want to be mean to our users and control what they are using on the internet. The biggy...streaming audio. I have successfully blocked it by just creating a simple firewall rule to only allow HTTP and HTTPS and then in the Content Type tab, I Select Content Types and then select everything except Audio and Video. This works perfect....no audio. But while I was testing this, I went to citrix.com support site. There I queried for my problem with my citrix server. I was then unable to open any of the results. I then went back to the Content Types Tab and added Audio and Video back in. Still could not open any of the results. I went back to the Content Types Tab and allowed All Content Types. Now I can access those pages. When Selected Content types is selected and I attempt to go to one of the result pages, the Firewall rule to allow internet surfing is passed and it drops straight to the Default Rule which blocks everything. As far as I can see the result pages end with the same extensions:

Can get to:
http://support.citrix.com/kb/kbsearch.jspa?searchQuery=remain+open&forceEmptySearch=true&parentCatID=298&childCatID=274&entryTypeID=&languages=en&dateRange=0

Can not get to:
http://support.citrix.com/kb/entry!default.jspa?categoryID=275&externalID=CTX105611&fromSearchPage=true

jspa?? Although I can't find that in the extensions list. I also checked the header in the pages and they both indicate content="text/html....

Now I understand that the Firewall rule that allows HTTP and HTTPS is droping this due to a content type it is not allowing, but how can I figure out what type it is so I can add it?
Post #: 1
RE: Why is it denied? - 29.Jun.2005 3:07:00 PM   
jiambor

 

Posts: 13
Joined: 28.Jun.2005
From: Maryland, US
Status: offline 		Well, I found a way around the issue, but I wish I could actually resolve it. I out in a rule before the Allow rule to just deny HTTP Audio and Video content.
This is allowing me to get to the pages that were not working before and still successfully block audio and video streams.

(in reply to jiambor)
Post #: 2
RE: Why is it denied? - 29.Jun.2005 3:13:00 PM   
spouseele

 

Posts: 12782
Joined: 1.Jun.2001
From: Belgium
Status: offline 		Hi jiambor,

a good starting point might be http://www.isaserver.org/articles/ISA2004_AccessRules.html .

HTH,
Stefaan

(in reply to jiambor)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> HTTP Filtering >> Why is it denied? Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts