I had a thread going in the nix section but really the problem now lies with ISA so I thought I would start a new thread.
We have a squid proxy ---> ISA 2006 with websense installed.
All clients that connect to the squid server show their IP in websense as the squid server IP and not their own client IP.
My question is does anyone know a way to make websense ignore the squid server IP and use the client IP.
I have configured squid to forward on the x_forwarded_by attribute and I have a filter on ISA and can confirm that the client IP is being sent. However, this does not seem to affect the websense client IP address!
Sometimes, workstations that must be filtered are located behind a proxy that uses Microsoft ISA Server as a proxy (proxy chaining).
Some proxies can be configured to expose the workstation's IP address in the HTTP header via the value of X-Forwarded-For:. Microsoft ISA integration with Websense software can be configured to do filtering lookups based on this value, rather than on the IP address of the downstream proxy.
To filter workstations behind multiple proxies:
Configure the downstream proxy to pass workstation IP addresses via X-Forwarded-For.
See the proxy documentation for instructions.
On the machine running Microsoft ISA Server, navigate to the WINDOWS\system32 directory.
Open the file wsMSP.ini in a text editor.
Add a new heading of: [configSection]
Under the new heading add the following key:
NOTE If the X-Forwarded-For value is not found in the HTTP header when this feature is enabled, filtering lookups occur based on the IP address of the downstream proxy.
Stop the ISA Server service via the Windows Services dialog box.
The service is labeled as Microsoft Firewall.
Start the ISA Server service via the Windows Services dialog box.
Repeat steps 1-6 for each machine on which Websense ISAPI Filter is installed.
There are currently 1 users browsing this thread. (0 members and 1 guests)