• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

ISA as web cache only on LAN

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Cache] >> General >> ISA as web cache only on LAN Page: [1]
Login
Message << Older Topic   Newer Topic >>
ISA as web cache only on LAN - 18.Apr.2006 5:49:57 PM   
ISAMikeC

 

Posts: 7
Joined: 29.Jun.2004
From: Redhill
Status: offline
I am attempting to upgrade from ISA2K to ISA2K4 and having no luck.

I want to use ISA Server as a Web Proxy only, using Websense as a filter plugin. My existing infrastructure is Websense on ISA2K. The server has an IP in my LAN subnet and routes all unknown traffic via the FW to Internet. It caches and all works beautifully. I cannot work out how to configure ISA2K4 to do the same thing. ISA2K came with a proxy only configuration, but this feature has disappeared in ISA2K4, and the firewall aspects of ISA seem to keep interfering.

Has anyone else got a configuration like this and if so could they kindly explain how they did it?

Many thanks,

Mike

Post #: 1
RE: ISA as web cache only on LAN - 21.Apr.2006 10:52:11 PM   
tsystem

 

Posts: 2
Joined: 21.Apr.2006
Status: offline
Have you tried configuring your ISA 2004 server with the Single Network Adapter template? This setup will allow for web proxying, caching, web publishing, and OWA server publishing.

Is websense requiring or looking for authentication when uses are connecting through ISA?

_____________________________

- Gabe Montemayor

(in reply to ISAMikeC)
Post #: 2
RE: ISA as web cache only on LAN - 24.Apr.2006 10:57:00 AM   
ISAMikeC

 

Posts: 7
Joined: 29.Jun.2004
From: Redhill
Status: offline
I have tried the single network adapter template and failed. I have just had another go following your suggestion and it nearly works, but doesn't quite seem right:

I have Web Proxy clients enabled, but not Firewall clients. I have enabled http on the network rulle on port 80 and using routing not NAT, and all my http traffic does all appear to work. However, I get the problem that I cannot use HTTPS. When I try and set it up I am asked to supply a certificate. Why? I didn't need one previously. If I don't enable it, https traffic doesn't work. The firewall monitoring log shows an allowed connection from my client to the SSL Destination using port 443, but the client displays a "Page cannot be dispalyed" message.

Websense does need to authenticate users to apply policy, but it uses its own AD connector, so ISA does not need to authenticate users. The Websense side of things all works fine.

The alternate option is to put the ISA server in the DMZ, but I am not that keen on AD user authentication from the DMZ. It would however give me the opportunity to use OWA...

Thanks,

Mike

(in reply to tsystem)
Post #: 3
RE: ISA as web cache only on LAN - 24.Apr.2006 2:47:33 PM   
ClintD

 

Posts: 1848
Joined: 26.Jan.2001
From: Keller, TX
Status: offline
quote:

However, I get the problem that I cannot use HTTPS. When I try and set it up I am asked to supply a certificate. Why?


The only thing you need to do for HTTPS access is point the client to ISA for its Web Proxy setting and allow HTTPS in your access rules.

What exactly are you doing when you are prompted for a certificate?

< Message edited by ClintD -- 24.Apr.2006 2:48:56 PM >

(in reply to ISAMikeC)
Post #: 4
RE: ISA as web cache only on LAN - 24.Apr.2006 2:55:22 PM   
ISAMikeC

 

Posts: 7
Joined: 29.Jun.2004
From: Redhill
Status: offline
I'm in Configuration\Networks\Internal\Web Proxy settings. Clicking SSL.

And then I thought, I wonder what my Configuration\Networks\Local Host\Web Proxy settings are. And they had an http port of 8080, whereas the internal had a port of 80. Changed the Local Host to 80 and it has cured all of my https problems.

Hurray!

Thanks for your help - made me think about where else I could have been stupid.

(in reply to ClintD)
Post #: 5

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Cache] >> General >> ISA as web cache only on LAN Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts