ISA server as a proxy (Full Version)

All Forums >> [ISA Server 2004 General ] >> General



Message


bigmac66 -> ISA server as a proxy (8.Dec.2004 10:12:00 AM)

I am new to ISA and I have been trying to get it working as a Unihomed Proxy server. I have used the template and checked the Ip addresses. I have created a firewall rule to allow all traffic.
I can ping sites on the web but it will not pass HTTP pages, or allow FTP. I have trawled the message boards and tried other suggestions but I am getting nowhere.

has anyone got any suggestions.

thanks in advance




joemarr_intek -> RE: ISA server as a proxy (8.Dec.2004 2:14:00 PM)

you will need to great a firewall rule that allows HTTP and HTTPS from the internal network to the external network for all users. Once I added this rule I was fine.




bigmac66 -> RE: ISA server as a proxy (4.Jan.2005 3:54:00 PM)

Thanks for the reply, however I have established a rule to allow all traffic through and I still cannot access the web. I can ping individual sites but unable access web pages. Anybody any ideas, thanks in advance.




brenmcg57 -> RE: ISA server as a proxy (4.Jan.2005 11:06:00 PM)

I'm having the exact same problem. I an running a unihomed ISA2004 box on the LAN to be just a proxy server. I created a firewall rule that reads:

Action: Allow
Protocols: DNS, HTTP, HTTPS
From: Internal, Localhost
To: External
Condition: All Users

This only presents the ISA2004 "Error 502" page. If I change the "To:" rule to include a URL set with some websites in it, I can get to those websites.

It is as if the network object "External" is not really recognized as being the Internet. So far I have no solution.




brenmcg57 -> RE: ISA server as a proxy (4.Jan.2005 11:29:00 PM)

OK I just figured it out.

I had to edit the properties of the Network called "Internal" under Configuration->Networks, then the default Networks tab.

It had the default address range applied to it that basically included everything. I removed the default ranges and added only my local ranges. Problem solved.

I guess the network called Internal correlates to the LAT in ISA2000.




tshinder -> RE: ISA server as a proxy (5.Jan.2005 6:16:00 AM)

Hi LOL,

That is an incorrect config that could have some unintended effects. Since the unihomed Web Proxy isn't a security solution per se, all adddresses in the IPv4 are internal.

HTH,
Tom




bigmac66 -> RE: ISA server as a proxy (5.Jan.2005 10:33:00 AM)

This is still a problem for me. I have tried the suggestions and have now gone back to originl configuration, a rule allowing all traffic, but I am still unable to access any web pages. We are only using ISAServer as a web proxy, Proxy 2 works fine so why won't ISAServer.

Thanks

Bigmac66




tshinder -> RE: ISA server as a proxy (6.Jan.2005 5:12:00 AM)

Hi Mac,

The ISA firewall is a FIREWALL, and firewalls require at least two NICs. Proxy 2.0 was a simple Web proxy server.

HTH,
Tom




bigmac66 -> RE: ISA server as a proxy (6.Jan.2005 9:58:00 AM)

Thanks Tom.

But if this is the case why is there an option to set it up as a unihomed server. I have applied the template and created a rule and it doesn't work. I was hoping that this forum would supply me with some pointers. I am using it as a simple Web Proxy because that is what is required in my organisation, I know it is a firewall and should have 2 nic's but that is not an option at the moment. This is a new server running Server 2003 and therefore I cannot load Proxy 2 onto it.

Some help would be much appreciated

Thanks

BigMAC66 :p

[ January 07, 2005, 03:28 PM: Message edited by: bigmac66 ]




Page: [1]