SBS ISA2004 allows all users internet access, why?
- From: Rich R <RichR@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 31 Aug 2005 08:46:04 -0700
hi,
i've upgraded our SBS 2003 premium with SP1 using the disks purchased from
microsoft.
after removing the 40 connections limit which created carnage with our
network, why this is default on SBS i'll never know, i've found that now all
users of the network can browse the internet, as opposed to the SBS Internet
users only as it was before the upgrade.
i consider myself very knowledgable on these things, but for the life of me
i can identify what's causing this to happen.
weird things i've noticed - all my custom rules got amened to TCP 0-65534,
applied to all users. not a successful conversion! anyhow, i've tried
disabling them and then removing them to no avail, still everyone has access.
since i didnt install this from scratch (i.e it's an SBS upgrade) then i'm
not familiar with the "start locked down and open from there". this interface
doesnt make much sense to me at this time, and its a live system where
(relevent) people need access to the internet pretty much all the time.
so, what's the method /rule / policy that would allow only "SBS Internet
Users" access to the web proxy?
points to note: ISA server is on a single network adapter. currently an
external firewall is in place to block access out. please dont lecture me
about using ISA as a full firewall, i know, and i will change it after i've
migrated from SBS. which wont happen until everything is stable.
so to be clear, i'm only using it for controlled web proxy access and caching!
i've not found anything on the web or support or help that documents this
simple feature request.
here's hoping someone can help here!
cheers
Rich R
.
- Follow-Ups:
- Prev by Date: Re: Outlook can't collect POP3 mail, OE can
- Next by Date: Re: Global Address Book Update
- Previous by thread: Re: Outlook can't collect POP3 mail, OE can
- Next by thread: Re: SBS ISA2004 allows all users internet access, why?
- Index(es):
Relevant Pages
|
