Welcome to ISAserver.org

How users can choose between 2 internet connections?

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA Server 2004 Firewall] >> General >> How users can choose between 2 internet connections?

Page: [1]

Message

<< Older Topic Newer Topic >>

How users can choose between 2 internet connections? - 1.Jan.2005 3:23:00 AM

fermo2

Posts: 32
Joined: 1.Jan.2005
Status: offline

I am evaluating SurfControl Web Filter and I have found that this filter works only with Proxy enabled clients but I have the following problem.

I have a branch office that has direct access to the internet. It is also linked to the corporate network which has another access to internet. The ISA fw has 3 network interfaces: the external network (internet), the branch office LAN, and the corporate network.

People in the branch office can choose freely which link to internet to use. Now the choice can be made setting 2 different proxy servers: if they choose the ISA fw then the request is forwarded to the direct internet connection; if they choose the corporate proxy (which is outside the firewall), the corporate internet access is used.

My problem now is that those that choose the firewall proxy are correctly monitored by SurfControl, while those that choose the corporate proxy are ignored by it.

How can I solve the problem of having ALL people use the ISA proxy and still be able to let users choose the route to internet? (beside adding another firewall).

Luca

Post #: 1

Featured Links*

RE: How users can choose between 2 internet connections? - 2.Jan.2005 6:51:00 AM

ianfermo

Posts: 235
Joined: 7.Nov.2004
From: Zamboanga, Philippines
Status: offline

Hi,

Force everyone to use Web Proxy by enabling authentication on access rules in this way SecureNAT is not allowed giving only access to Web Proxy clients after authentication.

Cheers,

(in reply to fermo2)

Post #: 2

RE: How users can choose between 2 internet connections? - 2.Jan.2005 11:56:00 AM

fermo2

Posts: 32
Joined: 1.Jan.2005
Status: offline

Hi Ian,

I think that would work if the ISA server were the one that would choose the route to Internet.
What I want to accomplish is having the users choose which way to go.
I am thinking of installing ISA server on an additional computer inside the branch office and configuring it using the "Single network adapter".
This way I could use it as a proxy that routes requests to the corporate proxy. The users that want to access Internet through the ISP of the branch office will set their browser to use the firewall as a proxy; those who want to use the corporate access to Internet will set their browser to use this additional internal proxy.

Now I can run SurfControl on both ISA server machine and collect data from both.

I'd like to have your opinion on this.

Luca

[ January 02, 2005, 11:57 AM: Message edited by: fermo2 ]

(in reply to fermo2)

Post #: 3