Re: ISA 2004 Cache
From: Gabe Matteson (gmatteson_at_inquery.biz.nospam)
Date: 03/15/05
- Next message: Phillip Windell: "Re: ISA 2004 Cache"
- Previous message: David King: "Single-NIC configuration"
- In reply to: Phillip Windell: "Re: ISA 2004 Cache"
- Next in thread: Phillip Windell: "Re: ISA 2004 Cache"
- Reply: Phillip Windell: "Re: ISA 2004 Cache"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 15 Mar 2005 14:27:17 -0500
Thanks for the reply. Didn't know that, any documenation on that at? Very
helpful.
- Gabe
"Phillip Windell" <@.> wrote in message
news:%23SgB0GZKFHA.2704@tk2msftngp13.phx.gbl...
> If you are doing that in a Web browser there are problem interpeting the
> IP#
> as a real IP#. It goes like this:
>
> 1. The URL is assumed to use a Name (not an IP#)
>
> 2. If the Name is a single one-word Name,.. it is assumed to be a Netbios
> Name and is assumed to be Local (inside). The name is resolved to an IP#
> via WINS or Netbios broadcasts and the IP# is verified to be part of the
> internal Network, then you access it directly and the ISA does not get in
> the way.
>
> 3. If the name has "dots" in it, it is assumed to be a FQDN. All FQDNs
> are
> assumed to be out on the Internet unless they are contained in the LDT
> (not
> LAT) if you run ISA2000, ISA2004 doesn't have a LDT or LAT but uses the
> "Network Configuration" for the same purpose. If the FQDN is established
> as
> local, in the LDT on 2000 (or the counter part in 2004) then it is
> resolved
> by your local DNS and ISA doesn't get in the way.
>
> Problem. The IP# has..., guess what,..."dots". So it gets improperly
> interpreted as a FQDN and it is attempted to be resolved by DNS. It will
> fail because there is no such FQDN as "172.18.5.54". So to workaround
> this
> you must place the "172.18.5.54" in the LDT (that is L*D*T not LAT) if
> you
> run ISA2000,...or whatever the counterpart to that is with ISA2004. Now
> ISA
> will leave it alone and you will go directly to the Server as you are
> supposed to do.
>
> I have only verified this to be an issue with ISA2000,...we do not run
> ISA2004 so I don't know about it. However it may also be an issue with IE,
> but I just am not real sure where the problem really stems from,...I only
> know how to get around it.
>
> --
>
> Phillip Windell [MCP, MVP, CCNA]
> www.wandtv.com
>
>
>
>
> "Gabe Matteson" <gmatteson@inquery.biz.nospam> wrote in message
> news:Or6Ex0YKFHA.2396@TK2MSFTNGP12.phx.gbl...
>> I thought by default the internal network by passed the firewall so that
>> traffic did no loop back. The problem that I am having is when a user
>> goes
>> to lets say 172.18.5.54, they can't because ISA doesn't allow them. I add
>> the ip to the domains tab in the web proxy config for the internal
>> network
>> and they can access it... Any ideas? Thanks.
>> - Gabe
>>
>>
>
>
- Next message: Phillip Windell: "Re: ISA 2004 Cache"
- Previous message: David King: "Single-NIC configuration"
- In reply to: Phillip Windell: "Re: ISA 2004 Cache"
- Next in thread: Phillip Windell: "Re: ISA 2004 Cache"
- Reply: Phillip Windell: "Re: ISA 2004 Cache"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
