Re: Access rule/Authentication problem in ISA 2004

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

What you stated is not true. I am using ISA2004 and added AD groups directly
for rules that required authentication.

"User authentication is also changed in ISA 2004. In 2000 you could add a AD
user or group. In 2004 you must first make a ISA 2004 user set. Double
administration."

"Fredito" <a55504567@xxxxxxxxxxx> wrote in message
news:452cd894$0$4527$e4fe514c@xxxxxxxxxxxxxxxxx
I understand what you say, but still; in 2000 I had a access rule bases on
user authentication for ping and VPN that worked.

I will test the problem in future more deeply. Maybe it has to do with
that my ISA 2004 is totally routed, this was not possible in ISA 2000. Or
maybe it has to do with the order of my rules.

User authentication is also changed in ISA 2004. In 2000 you could add a
AD user or group. In 2004 you must first make a ISA 2004 user set. Double
administration.

Thanks for your responses so far!

"Phillip Windell" <@.> wrote in message
news:uSLWVH%236GHA.3620@xxxxxxxxxxxxxxxxxxxxxxx
The problem is that the Firewall Client can not authenticate all
programs in ISA 2004. In ISA 2000 this was possible. PING and VPN can
not be authenticated in ISA 2004. I wonder if there is a solution for
this problem. Maybe ISA 2006? I tried the new Firewall Client, but this
is also not working.

2000 was the same as 2004 and 2006 concering this.

The Firewall Client will authenticate any program that is "proxyable".
ICMP and GRE are not "proxyable", and hence require NAT. It doesn't
matter if it is 2000, 2004, and (probably) 2006.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com






.

Relevant Pages

  • Re: Nortel VPN Client
    ... Turn off the firewall client from ISA. ... VPN negotiation and the actual tunnel cannot go through separate routes. ... If I run port 500 through ISA but run port 10001 ...
    (microsoft.public.windows.server.sbs)
  • Re: VPN to server and then cant browse the internet
    ... the firewall client. ... > select the VPN connection and open properties. ... > the users will now access the internet via ISA and FW ...
    (microsoft.public.backoffice.smallbiz2000)
  • ISA 2004 Quarantine w/XP SP2 & Firewall Client?
    ... ISA 2004SE SP1. ... VPN and quarantine are working nicely. ... We have some XP SP2 mobile machines (laptops) that are joined to our domain ... Firewall Client is disabled during this VPN process. ...
    (microsoft.public.isa.vpn)
  • RE: Remote Exchange Server Access broken
    ... the firewall client application identifies the internal/external ... firewall client application and then sent to the ISA server. ... Generally speaking, to use a VPN client through the ISA server, we ...
    (microsoft.public.windows.server.sbs)
  • Re: Access rule/Authentication problem in ISA 2004
    ... With the VPN I ment from internal to external. ... says that the Firewall Client supports 'All Winsock applications'. ... The problem is that the Firewall Client can not authenticate all programs ... In ISA 2000 this was possible. ...
    (microsoft.public.isa)