Re: Blocking Internet Access...SBS2003 and ISA
- From: "Steve Foster [SBS MVP]" <steve.foster@xxxxxxxxxxxxx>
- Date: Sat, 28 Oct 2006 08:17:34 -0700
Maxibo wrote:
5 workstations all 2000 professional. No ISA firewall client installed and IE settings for server proxy removed. They do not get on the internet.
Replaced with XP Professionals (did not run connect computer etc as they only run a third party app and just joined to the domain)
However these XPs went straight on the internet. Checked users are not in RWW group and not in SBS Internet users. But still went on internet.
Is this ISA2000 or ISA2004? And is the only access to the internet from the LAN through the SBS (ie it has 2 nics, one LAN, one internet), or is there a router/firewall connected directly to the LAN?
Are the workstations allocated a default gateway?
I had to setup an ISA rule for the workstation names to block external access, which worked.
The default ISA rules in SBS only allow authenticated access, so either those rules have been relaxed, or additional allow rules exist.
I am trying to understand why these went on the internet and were only blocked when I setup a rule to block workstation name.
They matched an ISA rule that allowed access, and you now have a deny rule that "beats" the allow.
--
Steve Foster [SBS MVP]
---------------------------------------
MVPs do not work for Microsoft. Please reply only to the newsgroups.
.
- References:
- Blocking Internet Access...SBS2003 and ISA
- From: Maxibo
- Blocking Internet Access...SBS2003 and ISA
- Prev by Date: Re: Server Rebooted itself
- Next by Date: Re: Install Problem at GUI Startup
- Previous by thread: Re: Blocking Internet Access...SBS2003 and ISA
- Next by thread: How do i recover media from free media pool????
- Index(es):
Relevant Pages
|
