`Web proxy for External Domains

`Web proxy for External Domains (Full Version)

All Forums >> [ISA 2006 Web Proxy] >> Web Proxy Client

Message

robertmi -> `Web proxy for External Domains (20.May2008 5:29:45 AM)
I am a bit new to isa server so I hope my question is understandable. My company is using isa on the local AD domein for webproxy. For a subsidiary company that has it's own AD (with no trust between the domains) we want to provide Internet access. We also want to control and monitor the webaccess of the subsidiary company. I tried to realise this by making a userset that gets the external domain info via LDAP. But this doesn't work for webproxy, only for Publishing of websites. Is their someone out their who has experience with providing web access to external domains.

elmajdal -> RE: `Web proxy for External Domains (20.May2008 7:23:18 AM)
hi, check this : http://www.isaserver.org/tutorials/Providing-Branch-Office-Access-ISA-2006-Firewalls-Web-Proxy-Listener.html HTH, Tarek

robertmi -> RE: `Web proxy for External Domains (20.May2008 8:53:12 AM)
Hi Tarek, Thanx for your reply. I had a look at the http://www.isaserver.org/tutorials/Providing-Branch-Office-Access-ISA-2006-Firewalls-Web-Proxy-Listener.html In the first instance I thought this will work for me until I read the following One drawback of Integrated authentication is that both the ISA firewall and the user machines must be members of the same domain, or you must mirror the local user accounts on the ISA firewall or in the target domain in which the ISA Firewall participates. For example, if the branch office computers are not domain members, you must have the user name and password information for all the users at each branch office and create accounts on the ISA firewall’s local SAM that mirror those user accounts or mirror those accounts in the main office Active Directory domain. This can lead to significant administrative overhead, depending on how you enforce password change policy for branch office users. In my senario the ISA server and the user machines are in a separate domain. This will mean that I have to miror the accounts of about 1000 accounts. The accounts are no problem but passwords is a no go.

Page: [1]