I am trying to configure my "Allow All" rule in ISA 2006 to apply to authenticated users.. right now I have "All Users" in the allow rule... this works fine as far as allowing everything... but it's not showing users in the reports...
So I tried to re-config our allow all rule to apply to Authenticated Users instead.. but as soon as I do that.. I lose everything for everybody. And it doesn't make sense because-
Our ISA box is a member of the domain. It sees AD no problem, can pull users and groups from AD with no issues... connectivity verifies all check out properly... everything 'seems' set up right but yet it acts like no one on our network is an authenticated user... and thats not the issue either, every user here logs into the domain.
Please help, this doesn't make any sense to me!! Thank you for your time.
Our clients are indeed joined to the same Domain ISA is on.
Not quite sure on your second question, I can tell you that we do not have the Proxy Client install on our boxes, we arn't really using ISA for a firewall either because we have a main firewall at an enterprise level, we are just using ISA at this site for monitoring, some customized for this location content filtering and maybe more in the future. If I can get this authenticated domain users deal figured out I should be able to see what users are doing what instead of an IP address in the monitoring (which isn't very helpful considering we are using DHCP of course)...
What I'm afraid is that your going to tell me I need to load the proxy on all our clients... ??
Sorry it took me so long to get back to you- I appreciate your help!
Right now ISA is set to an 'Edge' Firewall... we have an external and internal NIC like you mentioned... and this box is at the bottom of the funnel, right before the Router
Here is the deal, this ISA Server is at a school district. I work for a state organization that deals in many things, my department is of course IT. We have many districts that we support.. many of the districts T1 lines feed into our building, and are piped through our main Firewall (Astaro). We also have a mail filter etc. ...Thats why we arn't using ISA mainly for a firewall, we are more interested in monitoring and doing some 'per user' access control type stuff. This is the first ISA box I have setup, and I'm sure I have done it wrong!! lol
< Message edited by GeneralTJI -- 2.Oct.2007 4:54:54 PM >