Re: Firewall client and authentication
From: Jim Harrison [MSFT] (jmharr_at_online.microsoft.com)
Date: 12/24/04
- Next message: Jim Harrison [MSFT]: "Re: Error Code 10060: Connection timeout"
- Previous message: Jim Harrison [MSFT]: "Re: FTP dir-list problems by using Firewall Client ISA 2000"
- In reply to: Philip Colmer: "Firewall client and authentication"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 24 Dec 2004 09:37:23 -0800
This is a known issue.
Currently, the workaround is this:
- Configure your rules to apply to "authenticated users"
- Uncheck "Require all users to authenticate"
-- Jim Harrison [ISASE] Read the help, books and articles! This posting is provided "AS IS" with no warranties, and confers no rights. "Philip Colmer" <pcolmer@newsgroups.nospam> wrote in message news:%23OHL9u35EHA.2012@TK2MSFTNGP15.phx.gbl... I've set up a test domain where ISA 2004 is installed and a client PC has installed the firewall client through Group Policy. I've configured DNS to give out the IP address for WPAD. The logging shows that the the request for http://wpad/wpad.dat comes from "anonymous" - not surprising since no-one is logged into the PC. However, this means that if I configure the network entry to require all users to authenticate, the request fails. Annoyingly, the request fails, even though I've got a rule that allows HTTP access to "Local Host" for all users! The logging for the anonymous request does not specify which rule is granting or denying access. Can anyone suggest how I improve on this configuration? I was trying to get authentication in place because I want to have restricted access for certain users but full access for other users. --Philip
- Next message: Jim Harrison [MSFT]: "Re: Error Code 10060: Connection timeout"
- Previous message: Jim Harrison [MSFT]: "Re: FTP dir-list problems by using Firewall Client ISA 2000"
- In reply to: Philip Colmer: "Firewall client and authentication"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
Loading
