RE: FWC +VPN, red FWC icon, non domain member

From: Jorge Fei [MSFT] (v-jfei_at_online.microsoft.com)
Date: 02/25/04

Next message: A Klimkin: "Re: New protocol rules don't seem to work"
Previous message: Tim Farr: "Re: 403 forbidden - web proxy"
In reply to: Cengiz Ilerler: "FWC +VPN, red FWC icon, non domain member"
Messages sorted by: [ date ] [ thread ]

Date: Wed, 25 Feb 2004 07:06:58 GMT

Dear Cengiz,

Thanks for posting here.

Based on my knowledge, this behavior is probably caused by the "Applies To"
setting on the ISA server. When you set the "Applies To" of the "Protocol
Rules" to some restricted user accounts, the ISA server will identify the
users. This identification is integrated with the firewall client and the
logon accounts. When the non-domain client computer connects to the ISA
server, the firewall service doesn't prompt the authentication dialog box
and then the FWC connection will fail. Otherwise, the non-domain computers
can get an authentication dialog box when access the Internet via proxy
because the web access is provided by the Web Proxy Service; the "HTTP
proxy required authentication" protocol is supported by the Web Proxy
Service and the Internet browser. This is a by-designed behavior.

As a workaround, you may set the "Applies To" of the "Protocol Rules" to
"All requests" if you need to connect the non-domain computers with the ISA
server by using FWC.

I hope the above information helps.
If you have any questions, please feel free to let me know.

Have a nice day!

Sincerely,

Jorge Fei

MCSE MCP
Microsoft Partner Online Support

Get Secure! - www.microsoft.com/security
====================================================
When responding to posts, please "Reply to Group" via your newsreader

so that others may learn and benefit from your issue.
====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

Next message: A Klimkin: "Re: New protocol rules don't seem to work"
Previous message: Tim Farr: "Re: 403 forbidden - web proxy"
In reply to: Cengiz Ilerler: "FWC +VPN, red FWC icon, non domain member"
Messages sorted by: [ date ] [ thread ]

Relevant Pages

Re: SecureNAt
... the web proxy has nothing to do with the NAT / no NAT rule. ... on behalf of the client. ... Of course you can NAT or not NAT the http requests ... > However it now means that the ISA server cannot act as a Web Proxy Cache ...
(microsoft.public.isa)
RE: SecureNAt
... disabling the web proxy filter stops the natting ... However it now means that the ISA server cannot act as a Web Proxy Cache ... all http traffic goes directly to the destination website and does ...
(microsoft.public.isa)
RE: Web proxy returns Error code 502 (12202)
... installed the firewall client and added *.sun.com to the exceptions ... For now, I will restore the ISA server settings. ... An ISA Server 2006 Web Proxy client receives error code 502 when a user ...
(microsoft.public.isa)
Re: Win proxy service stops
... Restart the Web Proxy Service. ... >> encountered when ISA Server restored specific data cache files. ...
(microsoft.public.windows.server.sbs)
RE: SecureNAt
... Disable the Web Proxy Filter ... Requests from Web browsers (with proxy settings pointing to ISA Server) ... > when I use http protocol (try to get on the internet) the ISA server NAT's ...
(microsoft.public.isa)