• Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Direct Access in a split DNS environment

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Cache] >> Web Proxy client >> Direct Access in a split DNS environment Page: [1]
Message << Older Topic   Newer Topic >>
Direct Access in a split DNS environment - 10.Apr.2007 2:17:51 PM   


Posts: 13
Joined: 5.Dec.2003
Status: offline

Our business has a split DNS environment (hosts belonging to mybusiness.com in both Intranet and the Internet). We are using ISA Server 2004, but our workstations do not have the Firewall client installed. Their web browsers (IE 6) have the ISA machine set up manually as the proxy server. Workstations' default gateway is NOT the ISA machine.

I'm cooking my noodles to figure out a way to implement access to all of our websites because of the split DNS scenario. Basically, the majority of our web servers are in the Intranet, EXCEPT for two of them (I will call them abc.mybusiness.com and xyz.mybusiness.com for clarity's sake).

So at this point, we are accessing our sites using the most "dumb" manner, which would be including *.mybusiness.com in the browser's exception list, and removing that when we need to access abc.mybusiness.com and/or xyz.mybusiness.com.

As one can imagine, that is quite cumbersome (very happy users!). I did some research and found out that a .pac file can do the trick for me, because unlike the browser (IE), it works with a exclusion list and also a inclusion list, letting me force specific sites to go thru the proxy.

But my question is: can't I do such a configuration inside ISA Server? I'd rather just have the workstations' web browsers point to my ISA machine and let ISA do all the heavy-lifting... Not having to deal with a .pac file would be only less thing to worry about, configuration-wise. But so far to my understading, ISA's Direct Access list would work the same way as the browser's exception list (the difference being centralized configuration)

Any ideas? Thanks!
Post #: 1
RE: Direct Access in a split DNS environment - 10.Apr.2007 2:52:16 PM   


Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi fscalon,

you might check out:
- http://www.microsoft.com/technet/prodtechnol/ie/reskit/6/part6/c26ie6rk.mspx?mfr=true 


< Message edited by spouseele -- 10.Apr.2007 2:53:34 PM >

(in reply to fscalon)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Cache] >> Web Proxy client >> Direct Access in a split DNS environment Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts