Re: ISA/Proxy problem

From: Phillip Windell
Date: 12/17/04


Date: Fri, 17 Dec 2004 09:53:07 -0600


"SuperGumby [SBS MVP]" <not@your.nellie> wrote in message
news:ODtNPw64EHA.2568@TK2MSFTNGP11.phx.gbl...
> I have not adjusted the default behaviour of the HTTP redirector.

The Protocol rule they suggest is an "anonymous" rule, as indicated by the
"Any Request". This allows it to work because Ad-Aware's problem in the
first place is its inability to properly pass the credentials to the Web
Proxy Service in the proper manner. The suggested Rule causes ISA to not
ask for credentials when going to Lavasoft's URLs, hence it works.

If someone is not willing to use Anonymous Rules, then they must adjust the
Redirector to not send to the Web Proxy Service, remove the Browser's Proxy
Settings and run the Clients as Firewall Clients only. SecureNAT doesn't
authenticate and is effectively anonymous so isn't a viable solution if
authentication is required by company policy.

In the end, it is a lot of "crap" to go through for just one stupid
application because some programmer didn't write their code properly.

Other products will have similar problems if they use FTP to transfer the
update using FTP methods that aren't compatible with the "encapsulated
read-only FTP" that is used by the CERN web proxy standard. In those cases
the client has to run as a Firewall Client or SecureNAT client to be able
to run standard FTP.

Even the newest version of Windows Update doesn't work properly with their
own ISA, and I believe again it is an authentication issue (but a different
type). I suspect it is because one division of a large company did not
collaborate properly with another division in the same large company so that
their production methods agreed with each other.

Here is their article on that. You will notice that their solution is to
create an "anonymous" rule as did Lavasoft. In this case, with one of the
two scenarios, they seem to want to blame Internet Explorer and have a patch
for it. In the other scenario they say the root cause is still being
investigated.

You experience problems when you access the Windows Update Version 5 Web
site through a server that is running ISA Server
http://support.microsoft.com/default.aspx?scid=kb;en-us;885819

-- 
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

