• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Bypassing Web Access Rule?

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> Access Policies >> Bypassing Web Access Rule? Page: [1]
Login
Message << Older Topic   Newer Topic >>
Bypassing Web Access Rule? - 21.Nov.2008 11:15:27 AM   
NaotaKun

 

Posts: 11
Joined: 27.May2004
From: Sao Paulo, Brazil
Status: offline
Greetings!
This one is a puzzle to me right now.
 
I run this ISA Server 2006 Standard (fully updated) performing web proxy for users. Computers use the Configuration URL, doesn't use the Firewall Client and this ISA box isn't the default gateway to these computers.
 
There's a user group which can access a specific list of web sites, but sometimes they can access some sites that aren't listed anyway (by domain name, URL, IP, LAT).
 
So i've created a user with the same profile to these above and all the times the proxy doesn't allow access: just like it should be.
 
First thought was "they're using someone's credentials with less restrictions", but digging the logs, i've found the access made by the restricted user itself and authorized by the very rule that should block him.
 
Following closer one of this users all the day, there's log entries blocking the access and others allowing them.
 
So i ask by any clue or idea to look at. I've checked everything to exaustion and all seems correct - rule order, authentication, sources and destinations, lists of IPs, domains and URLs. Maybe someone find a "way" to bypass the proxy rules?
 
Thanks in advance!
Any idea would be appreciated.
(Sorry about the poor english...)
 
Fabio Carvalho
Post #: 1
RE: Bypassing Web Access Rule? - 21.Nov.2008 11:18:39 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
check your rules and make sure that they are doing what they should be doing.

HTH,
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to NaotaKun)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> Access Policies >> Bypassing Web Access Rule? Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts