What client type am I using? (Full Version)

All Forums >> [ISA Server 2004 Firewall] >> Firewall Client



Message


lcsgeek -> What client type am I using? (28.Oct.2005 1:06:00 PM)

I'm reading the section with a header of "ISA 2004 Multiple Client Type Configuration" in Chapter 5 and after reading it numerous times I still sense a contradiction:

quote:
Many ISA firewall administrators are under the impression that a single machine cannot be configured as a WebProxy, Firewall and SecureNAT client. This is a misconception. It is possible and sometimes preferred that a single computer be configured as all three types of ISA client.
The truth is that a single machine cannot be configured to act as both a Firewall client and a SecureNAT client.

I have gone through the installation of the Firewall client and configured it via the 'Microsoft Firewall Client Management' utility. How can I tell what client type I am using? Does this or does this not negate all other client types? I'm not seeing my username show up in the realtime monitor - it still shows anonymous associated with all traffic coming from my client IP - this makes me think that I'm not using the Firewall client.

Please put the cookies down low for me so I can reach them.

Darin




tshinder -> RE: What client type am I using? (11.Nov.2005 6:09:27 PM)

Hi Darin,

Very good question.

First, I could have written that much better. :)  What I should have said was:

A computer cannot simultaneously act as a Firewall and SecureNAT client for a particular connection. For example, if I'm acting as a Firewall client to connect to a specific POP3 server, I'm cannot be working as a SecureNAT client at the same time, becuase the connections are forwarded (remoted) to the ISA firewall, independent of the gateway addresses configured in the organization's routing structure that provides a path to the Internet.

See why I didn't put it that way? It would have lead to a much longer discussion ;)

How do you tell if its a Firewall client or SecureNAT connection? Check the ISA firewall's log files. The log will tell you if the connection is authenticated or not. If not, then its SecureNAT.

HTH,
Tom




Page: [1]