• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Logging without authentication? - got 2 work but nasty

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> Logging and Reporting >> Logging without authentication? - got 2 work but nasty Page: [1]
Login
Message << Older Topic   Newer Topic >>
Logging without authentication? - got 2 work but nasty - 16.Mar.2005 5:29:00 PM   
GSandGN

 

Posts: 5
Joined: 16.Mar.2005
Status: offline
Isa2004 Standard - Public School environment

Our local vendor did the initial config and setup a Web access firewall policy that has an "All Users" condition. Makes for easier web access for students but puts anonymous user entries in the Monitoring/Logging window.

What I wanted was a way to see who_went_where without authentication. Not quite ready to take that step with the student body! My assumption is that authentication would populate the logs. Authentication will probably happen someday just so students dont use some of the generic logins.

Anyway, to get around this what I did was create another Web access rule that instead of "All Users" it has user groups that I created from our AD users. I excluded the Elem school as they dont have individual accounts anyway.

Worked! I could then get live data or historical data that showed the username and the site they went to (often just the IP but thats another issue). I did this by "Client Username" filter with our domain as the keyword. Nice, I could sort by individual if needed.

Problems: Its not clean. I think this somewhat redundant rule might have a negative impact but Im not sure yet. Further and the immediate issue - state assessment software that sends data via internet will not allow students to login unless I disable the new rule I made.

Questions: Is there a better way? Hopefully something simple? Can I exclude an app? I was on leave for 6weeks and came back to ISA2004! <grin> No suprise really but moving from Proxy2.0 has its challenges.

Thanks

S
Post #: 1
RE: Logging without authentication? - got 2 work but nasty - 17.Mar.2005 2:39:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi S,

In order to get Web site names and user information, you need to configure the clients as Web proxy clients. The ISA in education kit has everything you need to know for automating the Web proxy client configuration.

HTH,
Tom

(in reply to GSandGN)
Post #: 2
RE: Logging without authentication? - got 2 work but nasty - 17.Mar.2005 11:00:00 PM   
GSandGN

 

Posts: 5
Joined: 16.Mar.2005
Status: offline
Had a nice reply/qestion all typed up but MS popup blocking erased it. Now you get the blunt version.
_______________________________

I think our clients are in proxy mode, they get the proxy info in their browsers.

I dont see a proxy vs firewall "mode" for clients to verify config. I gather if you have proxy config entries on isa server, the clients are in proxy mode.

I DO get the information I want but had to create a new ruleset that had the AD users listed in user groups created on the isa server. This is a redundant rule! Things dont always break immediately and its a live environment. Ask first, test later!

Everything would be fine but my new rule, when enabled, prevents access to online assessment testing. I *think* I found how to exclude this but havent tested yet.

Am I stuck? Do I only have the options of:
1: custom rule made up of nearly our entire user base? Rules including domain users by group didnt work. This adds more maintenance.
2: require authentication so logs are populated with user information?

(in reply to GSandGN)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> Logging and Reporting >> Logging without authentication? - got 2 work but nasty Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts