I have a client who has an ISA 2004 server with web proxy enabled. There is only External and Internal Networks. The Internal Network is 192.168.1.x subnet and has no other subnets. The AD-integrated LAN DNS servers forward their queries to ISP's cache server. All clients have firewall client installed and web proxy enabled. Web browsers are set to automatically detect proxy settings. "Use HTTP 1.1 through web proxy" is enabled. There is a WPAD entry in the DNS server pointing to ISA's Internal NIC. I have the following issues with IE and web proxy.
Whenever a user types in a weird URL (say www.jfslfafjsdlfj.com), IE 6.0 freezes up for four to six seconds and returns the sea.msn.com search page. During the freeze up, users can't click on the stop button and don't see the IE logo being animated. I found that I need to disable automatic search feature and I did that by check marking "Do not search from the address bar" in the Internet Option -> Advanced Tab. Now the users don't see the msn.com search page. However, the browser still freezes up for four to six seconds and then displays the brown color ISA error page indicating "Error Code 11001: Host not found". If I uncheck "Automatically detect settings" in the Internet Options->Connections->LAN Settings (meaning disabling proxy) and type weird URL, I don't see the freeze up, can see the IE windows logo animation and can click on the stop button to end the session. If enable proxy on the browser, I get the freeze ups. Does anyone have experienced this problem?
This is really not a problem. I have bunch of rules that restricts users based on a domain name set. I accidentally typed an extra space at the end of a URL (like "*blah.com "). When the users typed www.blah.com, this particular rule didn't apply and instead default rule was used. I then removed the extra space (like "*blah.com"). Users didn't have any trouble accessing www.blah.com. I thought MS would've trimmed the leading and trailing blank spaces before applying an entry to a domain set. Is this normal? or Am I missing a hotfix?