When a user turns off the proxy settings in a web browser, they still get access to the web. How do I prevent this? I would like to block users who install third party browsers from getting around the proxy also. Thanks in advance.
Posts: 477
Joined: 20.Jan.2009
From: Southern California
Status: offline
Removing the default gateway from the client workstation would resolve your issue. You can also use the ISA HTTP filter to block requests from third-party web browsers.
When I remove the default gateway of a client I cannot gain access to the web at all. Even with my proxy settings turned on. I pointed my gateway to the proxy to try this and it worked but then I was able to bypass the proxy in my web browser. When I say bypass, I'm not sure it's really bypassing the proxy. When I set the browser to no proxy I am able to get to the internet. I failed to mention that my ISA 2006 proxy has two NICs. So they can't really go around it but it seems as though they are not subject to certain rules when they turn it off.
Posts: 3470
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
Hi,
altough proxy is not configured on client´s web browsers, ISA firewall is still inspecting web requests.
ISA has three type of clients. The basic description is as follow:
FWC - intercept winsock connections and forward to ISA firewall service; Web proxy client - clients with ISA firewall internal IP configured on their web browsers; SecureNAT - clients configured with their default gateway pointing to ISA firewall internal IP.
Paulo Oliveira you seem to know quite a bit about ISA. I have been in the desktop support world for over ten years and have a CCNA. I am pretty good with networking and router configs however servers and ISA to be specific is a week point. I have just been given the extra duty of learning the ISA server and managing it. We have no test environment so I can't just try things unless we have down time. This has nothing to do with the post however after asking my questions I feel as though I'm over my head on this due to the circumstances. Would you have any recommendations on a starting point to help me understand this ISA environment better.
I followed the links posted here but still can't solve the problem (When a user turns off the proxy settings in a web browser, they still get access to the web.) :(
Posts: 3470
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
Hi,
when an ISA client turn off the browser settings, it becomes a SecureNAT client. If there´s an access rule allowing access to his machine, ISA will allow the access.
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Printable Version
All Forums >> [ISA 2006 Web Proxy] >> Web Proxy Client >> Clients bypassing proxy 
Clients bypassing proxy - 
New Messages
No New Messages
Hot Topic w/ New Messages
Hot Topic w/o New Messages
Locked w/ New Messages
Locked w/o New Messages
Post New Thread