I wasn't sure where to post this, but thought here might be a good place to start (if it should go somewhere else then please move it!)
It's worth noting that I'm an ISA noobie, having only just installed / configured it for the first time. I'm running ISA 2006 on a win2k3 server (brand new installation).
I know it's not the best configuration, etc, but at the moment I'm basically just running it as a web proxy / cache, as the inbound configuration into my existing server (a sbs2k3 box) is to complex to move over for the time being. The ISA server is connected on the LAN side to our LAN, where the sbs server is, and on the external interface side directly into a router that connects out to the internet.
I've got the user computers configured correctly to go through the proxy, and so far it all seems to be working properly. However, there is one problem. The logs are only showing IP addresses, rather than usernames. From what I can tell, the ISA server isn't authenticating users. I'd like to set authentication as required, so that it's easier to see in the logs who's doing what, and I can cut out anyone not authenticating to the proxy. Any suggestions as to what I need to do?
It's also worth mentioning that the way the ISA server is configured, the WAN side network adapter has a gateway/dns server configured, and the LAN side doesn't.
That add-on is only to convert the IP to a hostname prior to logging. However what I would like to log is the actual username of the person who's accessing the proxy.
From my understanding of ISA, the server should automatically be authenticating the users, and it displays the IP ONLY if it can't authenticate. Since everyone is showing IPs, my assumption is that there's a problem with the authentication...
If I set authentication as required, then a popup box appears asking me to authenticate (if I include the "basic" method of authentication as well as "internal"), and entering my domain credentials doesn't work. Hence my assumption that there's a problem with the authentication that I need to work out.
I tried to see if I could access the domain controller (start->run \\mydomain.com\sysvol\mydomain.com) and I got an error.
That would indeed appear to be the problem...
I have a feeling it's to do with my setup, as the internal adapter doesn't have a gateway/dns server set. However I don't understand how I'm supposed to configure the network adapters so only one has a gateway/dns server...
Ok, somehow it's fixed itself! I had to restart the server, and include the DNS on the LAN side... Now all is good :-)
Thatís good I guess but it sounds like you have some miss-configurations with your setup. You mentioned that you added DNS to the Internal facing NIC which is only where you should have DNS configured.