I'm using ISA in Proxy-only mode inside my LAN. I've been experimenting with S&C and protocol rules, regarding anonymous access. I have changed both my site&content and protocol rules from allow all requests to allow Domain Users (these two are the only ones I have)... Am I wrong, or did that effectively remove all anonymous access to the Internet?
If that is the case, why should I bother about that config in the outbound web requests named "ask unauthenticated users for authentication"? I've changed it, and noticed two differences so far: one is that most of the time, inside "sessions" in the management console, I get to see one anonymous session + one user session for each computer (IP); and the other is that, in the web proxy log, it seemed to me that these anonymous requests were getting 407 errors before I cleared the aforementioned checkbox in the outbound web requests tab, and now different codes appear in the sc-status field. Are there any more implications to this configuration?
I've read the article and made the necessary changes in ISA's configuration. So it seems the fact that anonymous users still appear in ISA's "sessions" pane is sort of a bug, because these connections are getting nowhere (at least in the logs no data is transferred for them); they probably appear only to send the user's credentials to the Proxy Service.
It is NOT a bug. It's just the way a browser and a web proxy server work!
For more info, read the posted article again, in particular the section 'How ISA Server Authenticates Outbound Connection Requests' -> 'Web Proxy clients send credentials to the Web Proxy service'.
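The anonymous entries discussed in this thread can be checked against the web proxy log. The following is an added example, not part of the original posts: it separates anonymous 407 challenges that were followed by an authenticated retry from anonymous requests that were actually served. The log sample is constructed, and the field subset and the "anonymous" user label are assumptions to adjust to your own log's `#Fields` line.

```python
import io

# Constructed sample in W3C extended format; the field subset and the
# "anonymous" user label are assumptions, adjust to your log's #Fields line.
SAMPLE_LOG = """\
#Software: constructed sample
#Fields: c-ip\tcs-username\tcs-uri\tsc-status\tsc-bytes
10.0.0.5\tanonymous\thttp://example.com/\t407\t0
10.0.0.5\tCORP\\alice\thttp://example.com/\t200\t5120
10.0.0.6\tanonymous\thttp://example.org/\t407\t0
10.0.0.7\tanonymous\thttp://example.net/\t200\t2048
"""

def parse(stream):
    """Yield one dict per record, using the #Fields directive for column names."""
    fields = []
    for line in stream:
        line = line.rstrip("\r\n")
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].strip().split("\t")
        elif line and not line.startswith("#"):
            yield dict(zip(fields, line.split("\t")))

def classify(records):
    """Sort anonymous entries: answered challenge, unanswered challenge, served."""
    pending = {}  # (client ip, uri) -> anonymous 407 awaiting an authenticated retry
    result = {"handshake": [], "unanswered": [], "served_anonymous": []}
    for rec in records:
        key = (rec["c-ip"], rec["cs-uri"])
        if rec["cs-username"].lower() != "anonymous":
            # Authenticated retry: the earlier anonymous 407 was the normal challenge.
            if key in pending:
                result["handshake"].append(pending.pop(key))
        elif rec["sc-status"] == "407":
            pending[key] = rec
        elif rec["sc-status"].startswith(("2", "3")) and int(rec["sc-bytes"]) > 0:
            # Data returned to an anonymous user: some rule still permits it.
            result["served_anonymous"].append(rec)
    result["unanswered"] = list(pending.values())
    return result

def report(text=SAMPLE_LOG):
    return classify(parse(io.StringIO(text)))

if __name__ == "__main__":
    for kind, recs in report().items():
        print(kind, [(r["c-ip"], r["sc-status"]) for r in recs])
```

Entries under `handshake` are the expected challenge step; anything under `served_anonymous` means a rule still allows anonymous access and is worth reviewing.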