cbsc Posted October 12, 2010 Report Posted October 12, 2010 (edited) I'm hoping someone might be able to help with the following issue...... When users are browing the internet, they randomly get redirected to the following webpage: http://office.microsoft.com/en-gb/ When checking our firewall logs, the following link appears: http://officeimg.vo.msecnd.net There doesn't appear to be any specific pattern, but it does occur at least on a daily basis at some point during the day. We have a Smoothwall server set up at the school, and use Microsoft Office 2007 - including Outlook 2007 connected to an Exchange 2003 server. The smoothwall server uses an upstream proxy - based at the Local Authority (this is compulsory - as part of our service agreement). The other school I'm aware that's also experiencing these issues, use a ISA 2006 Proxy server, have Office 2007 and also have to connect to the upstream proxy. A 3rd school in the borough I have been in contact with also use the upstream proxy, but no firewall and Office 2003 - and haven't experienced these issues. Testing has been carried out on a Ubuntu box running firefox, and the issue still occurs. I've been advised that it's courtesy of Microsoft's in-built ad engine attempting to get you to upgrade to the next version of Office. Any ideas anyone??? If the above statement is true, is there any way of disabling this ad engine?? Edited October 12, 2010 by cbsc
tom_newton Posted October 12, 2010 Report Posted October 12, 2010 Which version of smoothie are you on?
cbsc Posted October 12, 2010 Author Report Posted October 12, 2010 Hi Tom, We're running SmoothWall Advanced Firewall (+ Guardian). We make sure it's always kept up-to-date.
Duke5A Posted October 13, 2010 Report Posted October 13, 2010 And the plot thickens.... There is another post I'm involved in on here dealing with this issue. http://www.edugeek.net/private.php?do=showpm&pmid=108013 I work IT for a public school district, and we have a similar setup. Squid /w DG setup to authenticate to the Active Directory, that utilizes an upstream proxy (also state mandated). We run Office 2003 on every district computer here, and there shouldn't be any Office 2007 systems that pass through this proxy. It was only setup for students. I've performed testing on a couple of different flavor operating systems, including Ubuntu using wget at the command line, and the problem is still present. Whatever is causing this, it is definitely the proxy.
tom_newton Posted October 13, 2010 Report Posted October 13, 2010 Do you know what the upstream proxy is cbsc?
powdarrmonkey Posted October 13, 2010 Report Posted October 13, 2010 And the plot thickens.... There is another post I'm involved in on here dealing with this issue. http://www.edugeek.net/private.php?do=showpm&pmid=108013 That's a link to a private message (the clue is in the name).
Duke5A Posted October 13, 2010 Report Posted October 13, 2010 That's a link to a private message (the clue is in the name). Whoops... http://www.edugeek.net/forums/internet-related-filtering-firewall/62642-squid-dansguardian-redirecting-office-download-page.html#post573964 That's what happens when you've got 25 or so tabs open in a single window.
cbsc Posted October 14, 2010 Author Report Posted October 14, 2010 I've been told the LA use a Cisco AWE, and that it's running mainly on defaults, proxying on incoming ports 80 and 8080 and for http and https.
cbsc Posted October 14, 2010 Author Report Posted October 14, 2010 Sorry to have started a new thread by the way, but hadn't noticed the other one! I was just searching for Office - Microsoft Office as this is what appears in our logs!
tom_newton Posted October 14, 2010 Report Posted October 14, 2010 @cbsc - can you pm me your details, and i'll make a support ticket from it, then if they can solve it, we can let Duke know (either that or make a ticket on our system yourself and PM me the ID)
glennda Posted October 14, 2010 Report Posted October 14, 2010 @cbsc - can you pm me your details, and i'll make a support ticket from it, then if they can solve it, we can let Duke know (either that or make a ticket on our system yourself and PM me the ID) CBSC is using the Same company as us for upstream proxy so if you go find out why can you let me know to!
tom_newton Posted October 14, 2010 Report Posted October 14, 2010 It is interesting that everyone who is seeing this is using some form of upstream proxy. Duke - who or what is yours?
glennda Posted October 14, 2010 Report Posted October 14, 2010 I am using an un-authenticated upstream proxy and my proxy uses authentication - if this makes a difference i don't know - also could it be something to do with a cisco upstream proxy - as both myself and CBSC have these as upstream proxys - I am really stumped as to why this is happening as the logs i received from our upstream proxys show what the request is coming from us and our server is showing the requests coming from us but the client is not requesting it at that time!
Duke5A Posted October 18, 2010 Report Posted October 18, 2010 It is interesting that everyone who is seeing this is using some form of upstream proxy. Duke - who or what is yours? Yeah, exact same setup as Glennda (un-authenticated upstream, and authenticated proxy in-house). Our upstream proxy is provided by the County, and I believe they use Smart Filter by Mcafee. It's still smooth sailing since I created that ACL to bypass domain authentication, and added the office site.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now