• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

It's like it's not seeing AD properly... ??? help

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> General >> It's like it's not seeing AD properly... ??? help Page: [1]
Login
Message << Older Topic   Newer Topic >>
It's like it's not seeing AD properly... ??? help - 19.Sep.2007 3:53:45 PM   
GeneralTJI

 

Posts: 10
Joined: 23.Apr.2007
Status: offline
Here is the deal:
 
I am trying to configure my "Allow All" rule in ISA 2006 to apply to authenticated users.. right now I have "All Users" in the allow rule... this works fine as far as allowing everything... but it's not showing users in the reports...
 
So I tried to re-config our allow all rule to apply to Authenticated Users instead.. but as soon as I do that.. I lose everything for everybody. And it doesn't make sense because-
 
Our ISA box is a member of the domain. It sees AD no problem, can pull users and groups from AD with no issues... connectivity verifies all check out properly... everything 'seems' set up right but yet it acts like no one on our network is an authenticated user... and thats not the issue either, every user here logs into the domain.
 
Please help, this doesn't make any sense to me!!
Thank you for your time.
Post #: 1
RE: It's like it's not seeing AD properly... ??? help - 19.Sep.2007 4:30:57 PM   
elmajdal

 

Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
Hi,

What about your Clients ??

Are they joined to the same Domain  that ISA Server is Joined to ?

What is their Type ? Web Proxy , Firewall , SecureNet client ?

_____________________________

Tarek Majdalani

Windows Expert - IT Pro MVP
Facebook : https://www.facebook.com/ElMajdal.Net

(in reply to GeneralTJI)
Post #: 2
RE: It's like it's not seeing AD properly... ??? help - 24.Sep.2007 3:43:09 PM   
GeneralTJI

 

Posts: 10
Joined: 23.Apr.2007
Status: offline
Thanks for helping!!
 
Our clients are indeed joined to the same Domain ISA is on.
 
Not quite sure on your second question, I can tell you that we do not have the Proxy Client install on our boxes, we arn't really using ISA for a firewall either because we have a main firewall at an enterprise level, we are just using ISA at this site for monitoring, some customized for this location content filtering and maybe more in the future. If I can get this authenticated domain users deal figured out I should be able to see what users are doing what instead of an IP address in the monitoring (which isn't very helpful considering we are using DHCP of course)...
 
What I'm afraid is that your going to tell me I need to load the proxy on all our clients... ??

(in reply to elmajdal)
Post #: 3
RE: It's like it's not seeing AD properly... ??? help - 25.Sep.2007 4:55:50 AM   
elmajdal

 

Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
How many NICs you have on your ISA Server??

If you want to see usernames in the report you have to set your clients as WebProxy Clients and/or Firewall Clients.



_____________________________

Tarek Majdalani

Windows Expert - IT Pro MVP
Facebook : https://www.facebook.com/ElMajdal.Net

(in reply to GeneralTJI)
Post #: 4
RE: It's like it's not seeing AD properly... ??? help - 25.Sep.2007 12:20:37 PM   
GeneralTJI

 

Posts: 10
Joined: 23.Apr.2007
Status: offline
Our box has 3 NICS's... (only using two right now)
I wonder what I have it set as right now....

(in reply to elmajdal)
Post #: 5
RE: It's like it's not seeing AD properly... ??? help - 26.Sep.2007 7:15:51 PM   
elmajdal

 

Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
so u have 2 nics.

one external and one is internal ??

and using ISA server as a backend firewall ?

_____________________________

Tarek Majdalani

Windows Expert - IT Pro MVP
Facebook : https://www.facebook.com/ElMajdal.Net

(in reply to GeneralTJI)
Post #: 6
RE: It's like it's not seeing AD properly... ??? help - 2.Oct.2007 4:52:53 PM   
GeneralTJI

 

Posts: 10
Joined: 23.Apr.2007
Status: offline
Sorry it took me so long to get back to you- I appreciate your help!

Right now ISA is set to an 'Edge' Firewall... we have an external and internal NIC like you mentioned... and this box is at the bottom of the funnel, right before the Router

Here is the deal, this ISA Server is at a school district. I work for a state organization that deals in many things, my department is of course IT. We have many districts that we support.. many of the districts T1 lines feed into our building, and are piped through our main Firewall (Astaro). We also have a mail filter etc. ...Thats why we arn't using ISA mainly for a firewall, we are more interested in monitoring and doing some 'per user' access control type stuff. This is the first ISA box I have setup, and I'm sure I have done it wrong!! lol

< Message edited by GeneralTJI -- 2.Oct.2007 4:54:54 PM >

(in reply to elmajdal)
Post #: 7
RE: It's like it's not seeing AD properly... ??? help - 10.Oct.2007 5:14:25 PM   
GeneralTJI

 

Posts: 10
Joined: 23.Apr.2007
Status: offline
Any thoughts? any other info I need to share about our setup? Thanks

-Todd

(in reply to GeneralTJI)
Post #: 8

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> General >> It's like it's not seeing AD properly... ??? help Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts