Welcome to ISAserver.org

Access to Secured site

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA Server 2000 Firewall] >> Firewall Client >> Access to Secured site

Page: [1]

Message

<< Older Topic Newer Topic >>

Access to Secured site - 2.Sep.2002 10:09:00 AM

eesh

Posts: 32
Joined: 8.Jan.2002
Status: offline

Hi!

We are facing problem in accessing one site named https://evalue.internationaldelivers.com/partsonline, through a client who is restricted to use only this site. As soon as he opens the site, he is prompted for ISA authentication screen. But if the same client is given full/unrestricted access, he is able to access the site.

Eesh

Post #: 1

Featured Links*

RE: Access to Secured site - 3.Sep.2002 4:20:00 PM

tshinder

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline

Hi Eesh,

Is the client logged onto the domain (the same one as the ISA Server) and is the ISA Server configured to support integrated auth on the outbound web requests listener?

Thanks!

Tom

(in reply to eesh)

Post #: 2

RE: Access to Secured site - 11.Sep.2002 8:11:00 AM

eesh

Posts: 32
Joined: 8.Jan.2002
Status: offline

Hi Shinder!
Client is logging into a win NT4.0 domain which in turn has trust relationship with ISA server domain. He is getting access to this site if given access to All Destinations in Site & Content rules. Whereas restricting to this particular site prompts him for authentication.
Integrated authentication is turned ON in Outgoing web requests.

(in reply to eesh)

Post #: 3

RE: Access to Secured site - 11.Sep.2002 11:19:00 PM

ml68

Posts: 1
Joined: 11.Sep.2002
Status: offline

Hello

Don't know if this will help you or not but whenever I had to restrict a user to a particular site, I first had to create two destination sets. The first one would have a destination of *.* and the second would have a destination of the site like *.whatever.com. Then create a content rule for the user that denies to the first destination set (*.*) and create a second content rule for the user that allows to the second destination set. This works for me with ISA and the user in same NT4 domain. Hope this helps.

(in reply to eesh)

Post #: 4

RE: Access to Secured site - 12.Sep.2002 7:24:00 AM

eesh

Posts: 32
Joined: 8.Jan.2002
Status: offline

Thanx ml68,

This is the only site giving problem. All other,may be hundreds, are working fine with restrictions.

Eesh

(in reply to eesh)

Post #: 5

RE: Access to Secured site - 12.Sep.2002 6:50:00 PM

lemonwater925

Posts: 417
Joined: 22.Mar.2001
From: North of the 49th
Status: offline

Check the site for all elements of the page and make sure they are in your destintation set.

(in reply to eesh)

Post #: 6

RE: Access to Secured site - 14.Sep.2002 7:53:00 AM

eesh

Posts: 32
Joined: 8.Jan.2002
Status: offline

Hi!
First page of the site is the login ID page and does not have any links to any other site/page.
It does not open even the first login page.
Otherwise we are using many secured sites alongwith other normal site with and without restrictions and have destination sets for them.

Eesh

(in reply to eesh)

Post #: 7

RE: Access to Secured site - 15.Sep.2002 5:55:00 PM

tshinder

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline

Hi Eesh,

Turn on Rule#1 and Rule#2 in the Web Proxy and Firewall logs. That will tell you what Protocol and Site and Content Rules are allowing and denying the requests.

Then check the logs for the pages you're trying to access and see what's denying the request.

HTH,
Tom

(in reply to eesh)

Post #: 8