• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

ISA 2004 upgrade issues

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Web Proxy] >> Unihomed >> ISA 2004 upgrade issues Page: [1]
Login
Message << Older Topic   Newer Topic >>
ISA 2004 upgrade issues - 16.Nov.2006 12:11:29 PM   
dljones10

 

Posts: 4
Joined: 14.Nov.2006
Status: offline
Just upgraded ISA2000 to ISA 2004 and I am have some access issues that I wasn't having with ISA2000.

We are using ISA as a web proxy server with Surfcontrol configured as a firewall.  I upgraded the operating system to Windows 2003 and upgraded ISA.  The server is also hosting our Intranet site.  I tried to migrate the ISA policies but didn't work so I went back and did a fresh install of ISA2004.

Setup:
1. Network: Single NIC , firewall client unchecked, Web Proxy- enabled web proxy checked, Authentication - 'Integrated' and 'Require all users to authenticate" unchecked.  Web Browser - all is checked.
2. Firewall policy: allow all protocols from 'Internal, local host' to 'all networks'. Users: All Authenticated Users, All Users; Internet Access(domain Users group)

These are the issues I am having since upgrading.  I believe they are just rights issues.

1. Right now all users have Internet access.  I have to have 'All Users' in access policy to get any Internet access.  Use to control Internet access by using 'Internet Access" domian group.  Tried playing with 'Authenticated Users' but still can't get Internet Access.
2. Need to have 'Require all users to authenticate' checked in the Web Proxy to resolve user names in Surfcontrol, however when I check it I lose access to the Intranet web page.

I am sure that there is a mixture of access rights that I am missing between IIS, web folders and ISA 2004 that werren't an issue before.  Not sure if I have to publish a web server or not.

THanks for any help.

Dave
Post #: 1
RE: ISA 2004 upgrade issues - 21.Nov.2006 9:44:20 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
What do you mean "the server is hosting the Web site"?

You mean publishing it?

PLEASE do not say that the Web site is ON THE FIREWALL.

NO WEB SITES ON FIREWALLS.

HTH,
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to dljones10)
Post #: 2
RE: ISA 2004 upgrade issues - 21.Nov.2006 10:26:51 AM   
dljones10

 

Posts: 4
Joined: 14.Nov.2006
Status: offline
Tom,

The server is not being used as a firewall.  It is used as our Proxy, Surfcontrol Web filter and hosting our Intranet site. This is our Intranet site therefore is only used internally.   I have a firewall appliance on our perimeter.  Our Internet page is hosted and maintained by another company.

It worked fine under ISA 2000, is this a problem under ISA 2004?  Even though this is not being used as a firewall do I need to still move the web site?  Is this why I am having the access problems?  Even though this is not being used as a firewall persay do I still need to move the web site?

< Message edited by dljones10 -- 21.Nov.2006 10:31:55 AM >

(in reply to tshinder)
Post #: 3
RE: ISA 2004 upgrade issues - 14.Feb.2007 3:16:38 PM   
ButlerKevinD

 

Posts: 21
Joined: 28.Mar.2003
From: Little Rock, Ark
Status: offline
Just something to try out, if you havent fixed the problem yet, but add a rule allowing internal traffic to local host for all users. That may be your fix. And like Tom said, nix hosting a web server on your firewall. Very bad juju mon ami!!

(in reply to dljones10)
Post #: 4

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Web Proxy] >> Unihomed >> ISA 2004 upgrade issues Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts