Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

ISA 2004: problem blocking sites

6 views
Skip to first unread message

JR

unread,
May 8, 2010, 1:31:05 PM5/8/10
to
Hia folks


We have a ISA Server 2004 as proxy (installed by the previous admin).
This server doesn't block anything but I'm trying to get it to block
specific sites.

Not being very familiar with ISA Server, I went looking for tutorials,
and found this one:

http://www.youtube.com/watch?v=3LYWFIuMK5M

Following this and the server 2003 manual, I set up the rule to block
sites and... nothing. I can still access every site.

The server has only 1 other rule, that allows all trafic. Following
the instructions, I placed my new rule above this one, but no luck.
Also tried bellow it.

I'm a bit stuck now. I'm over the manual, etc but out of ideas. Any
thoughts on what I might try?

One thing I find odd: the server is NOT a member of our Active
Directory domain. Could this afect the rule?

Jens Baier

unread,
May 9, 2010, 1:05:12 AM5/9/10
to
Hi,

> We have a ISA Server 2004 as proxy (installed by the previous admin).
> This server doesn't block anything but I'm trying to get it to block
> specific sites.

http://www.isaserver.org/articles/2004firewallblocklist.html
http://technet.microsoft.com/en-us/library/cc302531.aspx

--
Gruss Jens
www.it-training-grote.de
www.forefront-tmg.de
https://mvp.support.microsoft.com/profile/Marc.Grote
http://blog.it-training-grote.de

JR

unread,
May 9, 2010, 6:03:31 AM5/9/10
to
On Sun, 9 May 2010 07:05:12 +0200, "Jens Baier"
<jens...@passport.com> wrote:

>Hi,
>
>> We have a ISA Server 2004 as proxy (installed by the previous admin).
>> This server doesn't block anything but I'm trying to get it to block
>> specific sites.
>
>http://www.isaserver.org/articles/2004firewallblocklist.html
>http://technet.microsoft.com/en-us/library/cc302531.aspx

Didn't work... :(

Phillip Windell

unread,
May 10, 2010, 1:57:24 PM5/10/10
to
"JR" <n...@mine.mn> wrote in message
news:q22du594pp163ue1u...@4ax.com...

Don't know what you did,...so can't know what you did wrong ro right.

Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Yes, ISA should be a domain member,...doing rules with authentication is
problematic without that. But that should be done before ISA is installed.

1. Export the config to an xml file
2. Uninstall ISA
3. Join machine to domain
4. Install ISA. Setup will "know" machine is a member a create proper ISA
System Policies
5. Import the config back in from the xml file.

Debunking the Myth that the ISA Firewall Should Not be a Domain Member
http://www.isaserver.org/tutorials/Debunking-Myth-that-ISA-Firewall-Should-Not-Domain-Member.html


--
Phillip Windell

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
Technet Library
ISA2004
http://technet.microsoft.com/en-us/library/cc302436(TechNet.10).aspx
ISA2006
http://technet.microsoft.com/en-us/library/bb898433(TechNet.10).aspx

Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Troubleshooting Client Authentication on Access Rules in ISA Server 2004
http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.mspx

Microsoft ISA Server Partners: Partner Hardware Solutions
http://www.microsoft.com/forefront/edgesecurity/partners/hardwarepartners.mspx
-----------------------------------------------------


0 new messages