• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Anonymous denied connections!

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> Access Policies >> Anonymous denied connections! Page: [1]
Login
Message << Older Topic   Newer Topic >>
Anonymous denied connections! - 3.Mar.2005 6:26:00 PM   
laney0906

 

Posts: 6
Joined: 3.Mar.2005
Status: offline
Ok guys, heres the situation

I have ISA2004 Std detup in a unihomed config. I only want it as a Web proxy upstreaming to another proxy product as I have other firewall on the network performing the firewall tasks

I have configured an access rule to allow all requests from Internal to External

In "Networks" I have configured Internal to be my subnet that has my web proxy clients in it. I have Enabled Web proxy clients for this network group on port 80. I have also setup "Require all clients to authenticate using Basic Authentication. (NT4.0 Domain)

I have then setup Web Chaining to the upstream proxy and have set this to redirect all requests (http and https)as port 8080.

Everything is working fine, and my web proxy clients can access the internet over http and https. HOWEVER and this is the strange thing

When a client accesses a website I get a load of Anonymous denied connections in the web proxy log.

The first connection from the client shows the client IP, username and that it has authenticated ok, it shows the rhost and r-ip as the upstream proxy. It then shows 4-5 anonymouse connections from the same client IP with the remote host being the URL of the internet site but the RIP being the ISA server. As this si an anonymouse connection it denies the packet.

I dont think this is causing any major problems, but it defo doesn't look right..Does anyone know why this is happening and if it is actaully causing problems and if I can change or do anything to resolve it

Thanks

"[Confused]"

[ March 03, 2005, 06:28 PM: Message edited by: laney0906 ]
Post #: 1
RE: Anonymous denied connections! - 7.Mar.2005 11:17:00 AM   
jmcculloch

 

Posts: 4
Joined: 4.Mar.2005
From: Alfreton Derbyshire
Status: offline
Standard ISA connection will try at least 2 anonymous connections to a site before it tries authentication.

In theory you should get at least 2 anonymous connections per access is my belief on this.

(in reply to laney0906)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> Access Policies >> Anonymous denied connections! Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts