Webproxy client software (Full Version)

All Forums >> [ISA 2006 Web Proxy] >> Web Proxy Client



Message

howardmp -> Webproxy client software (3.Jul.2008 5:08:17 AM)

Hello all,
Apologies if this is an obvious question; I've just moved to an organisation with ISA Server 2006, where they believe they can't install content filtering software as there are some Linux clients who can't authenticate (kerbeos / integrated NTLM used on domain). From what I'm reading here, Linux clients can authenticate if you have a Webproxy client installed on the Linux machine?, this being the case where do I get the correct client software from and is there anything I need to understand about the install?
Many thanks
Howard



paulo.oliveira -> RE: Webproxy client software (3.Jul.2008 8:05:58 AM)

Hi Howard,

to make your clients webproxy clients, thereīs no need to install any software. You just have to configure their browsers pointing to ISAīs internal IP address on port 8080 (wich is the default port).

Regards,
Paulo Oliveira.



howardmp -> RE: Webproxy client software (3.Jul.2008 11:53:21 AM)

Hello Paulo,
Many thanks, will this still work with authentication set to Integrated on the ISA server?, also is there any requiremts with Blackberry devices?
Howard



paulo.oliveira -> RE: Webproxy client software (3.Jul.2008 1:05:30 PM)

Hi Howard,

yes! The only types of clients who can use ISA authentication feature is webproxy and firewall clients, secureNATs canīt authenticate.
I donīt know about Blackberry devices. [8|]

Regards,
Paulo Oliveira.



pwindell -> RE: Webproxy client software (3.Jul.2008 4:13:35 PM)

Keep in mind that some of the content filtering product will still work without the authentication but they just won't include as mcuh detail in there reports.  I persoanlly consider it to be a "flaw" in the design of these products for them to not work or not fully work if the ISA doesn't force authentication.

Also keep in mind that the Domain Controllers typically communicate with Forwarders out to the ISP's DNS or have to make other outbound DNS Queries,...these connection are usually done as Anonymous SecureNAT Clients.  So if you kill anonymous access then you also kill your name resolution to the Internet.



Page: [1]