I have ISA2004 on Win2003 server. I configured the Internal network to autodiscover on port 80 (as I want to use DNS to the clients). While watching the monitor, I could see clients being denied to "get wpad.dat" on port 80. So, even though I told ISA to publish the information, I made an "allow all users, local host, HTTP protocol" rule. Clients were still being denied, so I did a netstat -a | find ":80" and see that ISA is not listening on port 80.
Status = 401; Unauthorized ( The server requires authorization to fulfill the request. Access to the Web server is denied. Contact the server administrator. ) WWW-Authenticate: Negotiate WWW-Authenticate: Kerberos WWW-Authenticate: NTLM Connection: Keep-Alive Pragma: no-cache Cache-Control: no-cache Content-Type: text/html Content-Length: 2057
This raises a few points. 1. I do NOT have IIS on the ISA box. 2. I did NOT create a "Web Server Publishing Rule". 3. There is a "System Policy Rule" (out of the box - rule # 30) that is disabled. The name is "Allow MS Firewall Control communication to selected computers". When you look at the description, and the parameters - this name makes no sense. 4. After setting my Internal network to AutoDiscovery and publish on port 80, do I need an additional rule?
Thanks for any help here. I really want to make this autoconfig work.
From: Viet Nam
quote:Originally posted by WANMAN: Hurray!
Not sure if it is the right answer or not, but IT WORKED.
I created a Publish HTTP server rule and used the ISA server "inside" IP address in my "firewall client" listener on port 80. Autodiscover now works.
Hi, WANMAN My system config you can follow me 1. Config ISA Server Enable Auto network 2. Config DHCP Add scope wpad: wpad, string, 252, http://name my server.my domain:port/wpad.dat 3. Config DNS Add host wpad.my domain It work fine
The problem seems to come from the fact that my third part Web Monitoring software (SurfControl) requires that the Internal network have the Require All Users to Authenticate check box checked for name resolution.
By publishing the localhost server on port 80, and creating an allow anyone from Internal access, I seem to have gotten around the problem.
Hi All , I want to use web proxy client to use with my Proxy server ( ISA 2000 ). I checked all from the below given link. But still i cant understand what is this wpad.dat & where can i save this . what are the contents of this file. If any body have idea of this . PLs reply.