Firewall Client and Intranet (Full Version)

All Forums >> [ISA Server 2004 Firewall] >> Firewall Client


eminent -> Firewall Client and Intranet (23.May2005 6:43:00 PM)


I have recently setup ISA Server 2004 and everything is working great except for one problem. Firewall clients and Web Proxy clients cannot access the intranet. They get an error saying the request has been denied by the ISA server. Everything works fine for the secure-NAT. Am I forgetting something? What do I need to do the enable Firewall clients and Web Proxy clients to be able to access the internal web sites?


LLigetfa -> RE: Firewall Client and Intranet (23.May2005 7:00:00 PM)

Set them up in the exclusion lists.

Guest -> RE: Firewall Client and Intranet (24.May2005 10:20:00 AM)

and where is this list ??

is it in the isa server 2004 ??

or manually on each computer in IE Lan Settings ?

LLigetfa -> RE: Firewall Client and Intranet (24.May2005 1:08:00 PM)

Are you talking about FWC or WP?

In the ISA console, under Configuration, Networks, Internal, Properties, there are several tabs. Follow your nose for settings on Addresses, Domains, and Web Browser.

These of course all depend on how you setup your autodiscovery and/or FWC deployment.

You can also use GPO and/or FWCTool to configure.

Guest -> RE: Firewall Client and Intranet (27.May2005 4:40:00 AM)

To Answer u :

There are no exclusion list in the Network > Internal > Properties > Tabs

if u ever used GPO , u would know at least that the ISA 2004 Client Firewall overwrites the GPO setting in Internet Explorer Proxy Settings.

and last for the FWCTool > i need something central , i dont need to go to each machine and configure it.

The Answer is with Direct Access :

[ May 27, 2005, 04:43 AM: Message edited by: majdal ]

LLigetfa -> RE: Firewall Client and Intranet (27.May2005 10:49:00 AM)

Like I said... follow your nose. [Roll Eyes]
There is more than one place to set exclusions depending on how things are configured and depending on whether the WP or FWC is used.


Guest -> RE: Firewall Client and Intranet (27.May2005 1:23:00 PM)

haha [Smile] but still man even with direct access , its not working.

iam glad with the GPO , but the problem is that the isa fwc changes the settings the GPO has set before .

i have a portal and a wireless access port that has a web interface.

i need to execlude them from the isa proxy , i addedd their IPs in the direct access , i added a rule to acces them with all outbound and still nothing works !

so following the nose sometimes doesnt help [Smile]

a question :

can i restrict the fwc to change the GPO settings?

LLigetfa -> RE: Firewall Client and Intranet (27.May2005 1:54:00 PM)

I cannot help it if your nose is lost. Under the tabs that I mentioned, there are settings for both WP and FWC exclusions.

AFAIK, if you turn on the option of having the FWC set the WP and the exclusions, it will set it the same for all users. I chose not to have the FWC set WP and I use just GPOs to do it. That way I can have any number of GPOs with different settings.

Guest -> RE: Firewall Client and Intranet (28.May2005 11:31:00 AM)

Thumb up for you man [Smile]

Thats the trick i want

i really was [Confused] with this , but now i understand it . thanks to you LLigetfa

Page: [1]