Can you briefly explain the behavior of ISA 2004 out of the box with respect to URL sets? For example, while logged on locally to the ISA server I can browse various MSFT sites but not others. Where can I find this predefined "allowable" list? Do I have to explicitly enable URL sets?
The ISA firewall has a System Policy rule that allows the Local Host Network to connect to certain sites. If you enable the System Policy Rules for viewing, you'll see them and the URL or Domain Name Sets that are being allows.
Hi, is there any limit of URLs and Domains included in one set? I was trying to import Steve Moffat's XML files from the link - a sum of 20 files in Domain name set. But when I import file no. 3 I think it overwrites the previous link in the Set. I'm using ISA2004 EE SP2. Thanks.
I read the article and wanted to create my own URL block list from scratch, but when I creatd the rule as descirbed in the article, the users could easily access the site that was in the blocked list. (To test, I just created one site)
The rule is on the the top of the Firewall Policy.
Managed to screw up my mgmt console by following this!
Imported the Blocklist.xml into URL Sets fine. Created a new rule using that destination. Tested it, worked fine. Great! Now add some more... (oh dear) Got the 5 porn site XMLs from http://www.isaserver.bm/destination_sets.html I imported them all in as before, but this time only went to apply after they were all in. Took too long and it failed. I tried to discard changes and got the error 0x80070002 cannot find the file specifed. (Not that I could be told what that particular file is, nah that would be a USEFUL error msg!) No problem, I'll just Restore from a previous config backup. Nope. Same error msg. I deleted the Firewall policy that used that URL sets and tried to apply changes. Nope. same error msg. Tried to restore the config. Same error msg. Proxy services still work, but if I try to get into the URL sets through View \ Toolbox Network Objects. I cannot right click on the Url sets and the little menu just below Network Objects is gone. So my Toolbox appears to be broken and I can't tell it to reset the URL sets.
HELP! Running ISA Server 2004 standard. Very recent new install. Haven't really fully rolled it out even. It's a dedicated Windows 2003 Server with Web Spy Analyzer running also.
From: New Orleans, La
Hi, Has anyone successfully imported any of the lists into ISA 2006? We just got it in and loaded. I attempted to import the lists and I get an error. The error is
" The exported configuration file is from a beta installation of ISA Server. Importing a beta configuration file to this released version of ISA Server is not supported. To import a beta configuration, you must first upgrade the file to the Release Candidate (RC) build, and then import the RC configuration file."
We are having 50 users and using ISA Server 2004. We want to deny access to all the websites for some users and give a permission to check the mails using Outlook, When iam blocking all other protocols and allowing only pop3 and SMTP Iam not able to get the mails using Outlook. Out mail server is hosted on godaddy webhosting domain. How can i permit to get only mails usiong Outlook except any other sites Thanking You
I've followed all the steps to create a rule (wich is the first one) to deny the access to many websites (I imported the block list an added many other URLs), but I don't still know why my traffic goes thru other rule, almost the last one.
Tom, For this scenario to work, do my internal clients need to be configured as firewall/proxy client of the ISA server. Right now I do not have clients configured that way and I cannot get this to work.
The ISA firewall needs to be in the path between the clients and the Internet. If that is not the case, it's very easy for users to change their default gateway to whatever they like and bypass the ISA firewall.
HI, I am new in ISA server . I am trying to block particular web sites through ISA server 2004 & ISA server 2006 but not get succeed. I created a deny rule for this purpose but all in vain . Please help me to sort out this problem.
Hi Steave, Sorry but i didn't get your point.Actually ISA server 2004 is installed on my computer. Now with the help of it I want to block some particular sites.I created a firewall policy rule to restricted these sites but this is not working. I put this rule on top still all in vain. It will we really helpful for me if reply will be in some snap short form . Thanx in advanced
Hi Steave, Thanx for your effort,but I followed the step as you suggest me.Still the things not working. There is also a Query regarding this.As you suggest that First Create HTTP allowed Rule then Create a Deny Rule, But According to me ISA server follow the top to down topology. So at the top if we create a allow rule to HTTP traffic then will it work to block HTTP traffic by creating a deny rule at the second position.IS am I right??. Please reply ASAP. Thanks & Regards Shailesh