I'd like to force authentication for our web proxy. When I enable this on my rules, it works, but there are still requests coming in as anonymous, and of course they get dropped. Is there something that can be done in the client's browser to prevent anonymous requests?
Thanks, Jason. But is it normal for there to be A LOT of them from the same client, accessing the same site? And, because of this design, will having authentication as a requirement break users' ability to get to any site, or will the initial connection be retried with authentication?
< Message edited by JW -- 14.Jul.2008 12:50:39 PM >
JW, for clients using the web proxy configuration, they will retry with authentication.
For clients that don't support proxy settings, are not set up to use them, or are too dumb to support authentication, those requests may fail. Some apps for example call out to their home companies to check for updates, and some of these could fail.
Just be aware of trouble tickets of connection errors, and see if you can correlate any of them to anonymous "connection denied" logs.
Posts: 3472
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
Hi,
if you are using IE6, then the authentication method is NTLM. By using NTLM you send more requests to ISA machine and consequently to your DC. If you use Kerberos to authenticate, then you just have to authenticate once on bothe servers. Check this greate article for a better understanding: Improving Web Proxy Client Authentication Performance on ISA Server 2006
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Printable Version
All Forums >> [ISA 2006 Web Proxy] >> Web Proxy Client >> Preventing browser from sending anonymous requests 
Preventing browser from sending anonymous requests - 
New Messages
No New Messages
Hot Topic w/ New Messages
Hot Topic w/o New Messages
Locked w/ New Messages
Locked w/o New Messages
Post New Thread