Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
RE: Discussion about article on site blocking
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
RE: Discussion about article on site blocking - 10.Aug.2006 4:58:48 PM
|
|
|
JerseyJack
Posts: 7
Joined: 19.Jul.2006
Status: offline
|
Greg or Tom,
Can you briefly explain the behavior of ISA 2004 out of the box with respect to URL sets? For example, while logged on locally to the ISA server I can browse various MSFT sites but not others. Where can I find this predefined "allowable" list? Do I have to explicitly enable URL sets?
Thanks!
Jack
|
|
|
|
|
RE: Discussion about article on site blocking - 13.Aug.2006 6:28:26 PM
|
|
|
tshinder
Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Jack,
The ISA firewall has a System Policy rule that allows the Local Host Network to connect to certain sites. If you enable the System Policy Rules for viewing, you'll see them and the URL or Domain Name Sets that are being allows.
HTH,
Tom
_____________________________
Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/
GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
|
|
|
|
|
RE: Discussion about article on site blocking - 29.Sep.2006 5:13:08 PM
|
|
|
amentma
Posts: 6
Joined: 27.Sep.2005
From: Slovakia
Status: offline
|
Hi,
is there any limit of URLs and Domains included in one set? I was trying to import Steve Moffat's XML files from the link - a sum of 20 files in Domain name set. But when I import file no. 3 I think it overwrites the previous link in the Set. I'm using ISA2004 EE SP2. Thanks.
|
|
|
|
RE: Discussion about article on site blocking - 12.Oct.2006 5:44:53 AM
|
|
|
shamsr
Posts: 4
Joined: 13.May2005
Status: offline
|
Hi All,
I read the article and wanted to create my own URL block list from scratch, but when I creatd the rule as descirbed in the article, the users could easily access the site that was in the blocked list. (To test, I just created one site)
The rule is on the the top of the Firewall Policy.
Please help me out !!
-shamsr
|
|
|
|
|
RE: Discussion about article on site blocking - 20.Dec.2006 2:16:30 AM
|
|
|
Maclanachu
Posts: 3
Joined: 14.Aug.2005
From: Auckland
Status: offline
|
Managed to screw up my mgmt console by following this!
Imported the Blocklist.xml into URL Sets fine.
Created a new rule using that destination.
Tested it, worked fine.
Great! Now add some more... (oh dear)
Got the 5 porn site XMLs from
http://www.isaserver.bm/destination_sets.html
I imported them all in as before, but this time only went to apply after they were all in. Took too long and it failed.
I tried to discard changes and got the error 0x80070002 cannot find the file specifed. (Not that I could be told what that particular file is, nah that would be a USEFUL error msg!)
No problem, I'll just Restore from a previous config backup.
Nope. Same error msg.
I deleted the Firewall policy that used that URL sets and tried to apply changes. Nope. same error msg.
Tried to restore the config. Same error msg.
Proxy services still work, but if I try to get into the URL sets through View \ Toolbox Network Objects. I cannot right click on the Url sets and the little menu just below Network Objects is gone.
So my Toolbox appears to be broken and I can't tell it to reset the URL sets.
HELP!
Running ISA Server 2004 standard. Very recent new install. Haven't really fully rolled it out even. It's a dedicated Windows 2003 Server with Web Spy Analyzer running also.
thx if u can help
Mac.
|
|
|
|
RE: Discussion about article on site blocking - 1.Feb.2007 6:49:40 PM
|
|
|
kb5oze
Posts: 20
Joined: 18.Apr.2002
From: New Orleans, La
Status: offline
|
Hi,
Has anyone successfully imported any of the lists into ISA 2006? We just got it in and loaded. I attempted to import the lists and I get an error. The error is
" The exported configuration file is from a beta installation of ISA Server. Importing a beta configuration file to this released version of ISA Server is not supported. To import a beta configuration, you must first upgrade the file to the Release Candidate (RC) build, and then import the RC configuration file."
Any idea on how to address this?
Thanks,
Mike
|
|
|
|
|
How to allow only outlook in ISA server 2004 - 22.Aug.2007 12:34:25 AM
|
|
|
sampath
Posts: 1
Joined: 5.Jun.2007
Status: offline
|
We are having 50 users and using ISA Server 2004. We want to deny access to all the websites for some users and give a permission to check the mails using Outlook, When iam blocking all other protocols and allowing only pop3 and SMTP Iam not able to get the mails using Outlook. Out mail server is hosted on godaddy webhosting domain.
How can i permit to get only mails usiong Outlook except any other sites
Thanking You
|
|
|
|
|
RE: Discussion about article on site blocking - 28.Apr.2008 5:38:42 PM
|
|
|
drk_xstnc
Posts: 2
Joined: 28.Apr.2008
Status: offline
|
Hi,
I've followed all the steps to create a rule (wich is the first one) to deny the access to many websites (I imported the block list an added many other URLs), but I don't still know why my traffic goes thru other rule, almost the last one.
Does anyone have idea about this matter?
I appreciate your help.
Guillermo.
|
|
|
|
|
RE: Discussion about article on site blocking - 30.Apr.2008 1:28:46 PM
|
|
|
tshinder
Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline
|
If you were able to import the sets, make sure you make a deny rule that includes those sets and put it above any allow rules.
HTH,
Tom
_____________________________
Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/
GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
|
|
|
|
|
RE: Discussion about article on site blocking - 30.Apr.2008 1:57:45 PM
|
|
|
drk_xstnc
Posts: 2
Joined: 28.Apr.2008
Status: offline
|
Hi Tom,
Thanks for your answer.
Well, I've put the rule at the top (is the number one), besides, It has the restriction deny.
So, what could be the problem? I dun't really have idea.
Thx.
|
|
|
|
|
RE: Discussion about article on site blocking - 1.May2008 10:05:14 AM
|
|
|
tshinder
Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline
|
If it is at the top, and applys to all users, then it must work. Otherwise, you have enabled hosts to bypass the ISA Firewall (perhaps by using a unihomed ISA firewall?)
Tom
_____________________________
Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/
GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
