• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

ISA server 2004 Unknown users

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> Logging and Reporting >> ISA server 2004 Unknown users Page: [1]
Login
Message << Older Topic   Newer Topic >>
ISA server 2004 Unknown users - 24.Apr.2006 6:30:25 PM   
ZEN2005

 

Posts: 6
Joined: 7.Apr.2005
Status: offline 		Hi there

When I check my reports, TOp users I saw a lot of unknown users, as we know this kind of users are (SecureNAT clients and unauthenticated Web Proxy clients). So, the question is, there is any option in order to identify this users? you know.

thanks in advance

bye
Post #: 1
RE: ISA server 2004 Unknown users - 24.Apr.2006 6:53:34 PM   
Kiddx

 

Posts: 38
Joined: 12.Jun.2004
From: Boca Raton, FL
Status: offline 		You have to disable Anonymous users or All Users for web traffic, or any traffic that you want to collect user information on.

Goto your http/https outbound rule and remove all users and set it to authenticated users only. This will force the fwclient to send the credentials to ISA.

If you only want web traffic create a seperate rule for http/https outbound and 'other' traffic outbound. Since your servers usually require things like sntp/dns/smtp etc you want to seperate usage so you dont squash your servers ability to do its work.

(in reply to ZEN2005)
Post #: 2
RE: ISA server 2004 Unknown users - 18.May2006 6:57:22 PM   
ZEN2005

 

Posts: 6
Joined: 7.Apr.2005
Status: offline 		Hi there

I already did that, all my access rules has included all auth uses, but in my reports I still see  a lot of unknown users, how is this possible?

By the way, my users doen´t have Isa firewall client installed, they are configured as a web proxy clients.
This is the cause of this behavior?

Hope any suggestions !


thx a lot !

(in reply to Kiddx)
Post #: 3
RE: ISA server 2004 Unknown users - 18.May2006 7:01:36 PM   
LLigetfa

 

Posts: 2187
Joined: 10.Aug.2004
From: fort frances.on.ca
Status: offline
quote:

my access rules has included all auth uses

It is not a matter of inclusion but of exclusion.  You have to exclude "All Users".

_____________________________

The School of Hard Knocks is a mean teacher. She gives the exam before the lesson.

(in reply to ZEN2005)
Post #: 4
RE: ISA server 2004 Unknown users - 18.May2006 9:49:51 PM   
ZEN2005

 

Posts: 6
Joined: 7.Apr.2005
Status: offline 		yeap, I exclude All users, and include All authenticated users. I wanted to mean that

(in reply to LLigetfa)
Post #: 5

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> Logging and Reporting >> ISA server 2004 Unknown users Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts