What client type am I using? (Full Version)

All Forums >> [ISA Server 2004 Firewall] >> Firewall Client


lcsgeek -> What client type am I using? (28.Oct.2005 1:06:00 PM)

I'm reading the section with a header of "ISA 2004 Multiple Client Type Configuration" in Chapter 5 and after reading it numerous times I still sense a contradiction:

Many ISA firewall administrators are under the impression that a single machine cannot be configured as a WebProxy, Firewall and SecureNAT client. This is a misconception. It is possible and sometimes preferred that a single computer be configured as all three types of ISA client.
The truth is that a single machine cannot be configured to act as both a Firewall client and a SecureNAT client.

I have gone through the installation of the Firewall client and configured it via the 'Microsoft Firewall Client Management' utility. How can I tell what client type I am using? Does this or does this not negate all other client types? I'm not seeing my username show up in the realtime monitor - it still shows anonymous associated with all traffic coming from my client IP - this makes me think that I'm not using the Firewall client.

Please put the cookies down low for me so I can reach them.


tshinder -> RE: What client type am I using? (11.Nov.2005 6:09:27 PM)

Hi Darin,

Very good question.

First, I could have written that much better. :)  What I should have said was:

A computer cannot simultaneously act as a Firewall and SecureNAT client for a particular connection. For example, if I'm acting as a Firewall client to connect to a specific POP3 server, I'm cannot be working as a SecureNAT client at the same time, becuase the connections are forwarded (remoted) to the ISA firewall, independent of the gateway addresses configured in the organization's routing structure that provides a path to the Internet.

See why I didn't put it that way? It would have lead to a much longer discussion ;)

How do you tell if its a Firewall client or SecureNAT connection? Check the ISA firewall's log files. The log will tell you if the connection is authenticated or not. If not, then its SecureNAT.


Page: [1]