+ Post New Thread
Results 1 to 4 of 4
Wireless Networks Thread, Problem to configure Web Access Rule on ISA Server 2006 in Technical; Hello, I have created a web access rule to deny HTTP, HTTPS protocols to internal network from a specific web ...
  1. #1

    Join Date
    May 2010
    Thank Post
    Thanked 0 Times in 0 Posts
    Rep Power

    Problem to configure Web Access Rule on ISA Server 2006


    I have created a web access rule to deny HTTP, HTTPS protocols to internal network from a specific web site defined on a URL Set. This rule is set to a group from Active Directory defined on Users Set. This group owns only one member.
    When we try to test internet access on client, ISA Server blocks not only the user group we have set in the rule, but all users from Active Directory.
    What could be the problem?

    Using Windows Server 2008 as a Domain Controller
    ISA Server 2006 is runnig on Windows Server 2003
    Client machines are using Windows XP SP3

    Tests are being implement on a virtual network using VirtualBox.

  2. #2

    SYNACK's Avatar
    Join Date
    Oct 2007
    Thank Post
    Thanked 2,717 Times in 2,302 Posts
    Blog Entries
    Rep Power
    Is the deny rule above the allow rule for other http acess as it goes down the list in order. Also are the cliets set to allow Integrated Windows Authentication so that they will pass through the required information to ISA.

  3. #3
    ascott2's Avatar
    Join Date
    Nov 2007
    Thank Post
    Thanked 37 Times in 29 Posts
    Rep Power

    Firewall Client

    Do you have the firewall client installed on the machine? As far as I was aware, to do any user based control or logging you need to have the client installed.

  4. #4

    Join Date
    Dec 2007
    Thank Post
    Thanked 26 Times in 5 Posts
    Rep Power
    As mentioned previously, check you have enabled Integrated Authentication. Configuration -> Networks -> Networks(tab) -> Internal -> right click -> properties -> Web Proxy(tab) ->Authentication - check integrated

    You cannot use transparent proxy(just setting a default gateway) if you want to use rules requiring authentication. You need to set a proxy server in your Web Browser. Check your web browser is set to use ISA as the proxy server and on the correct port number( ISA default 8080).
    Check you rule is configured in the correct direction. Your source should be you internal network and the destination should be the URL set of the address you want to ban if you are trying to block out going requests.

    If you are still having problems use the Logging tab as it will tell you what rule is denying the request and if your user is authenticated. Monitoring -> Logging (tab)

    Hope this helps,

+ Post New Thread

Similar Threads

  1. Replies: 1
    Last Post: 19th April 2010, 03:50 PM
  2. ISA Server 2006 & EMBC - web filtering
    By Modey in forum Wireless Networks
    Replies: 7
    Last Post: 23rd April 2008, 11:28 AM
  3. ISA 2006 - avoid rule if logging into a certain machine
    By jmair in forum Network and Classroom Management
    Replies: 0
    Last Post: 13th November 2007, 10:48 PM
  4. ISA 2004 - web access intermittent problem
    By SimonC in forum Windows
    Replies: 11
    Last Post: 13th February 2007, 10:48 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts